CVE-2025-9610 - Code-projects Online Event Judging System SQL Injection
CVE ID : CVE-2025-9610
Published : Aug. 29, 2025, 4:16 a.m. | 45 minutes ago
Description : A vulnerability was determined in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /create_account.php. This manipulation of the argument fname causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Other parameters might be affected as well.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9619 - Mercatus ERP Remote Resource ID Manipulation Vulnerability
CVE ID : CVE-2025-9619
Published : Aug. 29, 2025, 4:16 a.m. | 45 minutes ago
Description : A security flaw has been discovered in E4 Sistemas Mercatus ERP 2.00.019. The affected element is an unknown function of the file /basico/webservice/imprimir-danfe/id/. Performing manipulation results in improper control of resource identifiers. It is possible to initiate the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9639
Published : Aug. 29, 2025, 4:16 a.m. | 45 minutes ago
Description : The QbiCRMGateway developed by Ai3 has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8857 - Changing Clinic Image System Hard-Coded Credentials Vulnerability
CVE ID : CVE-2025-8857
Published : Aug. 29, 2025, 4:15 a.m. | 45 minutes ago
Description : Clinic Image System developed by Changing contains hard-coded Credentials, allowing unauthenticated remote attackers to log into the system using administrator credentials embedded in the source code.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8858 - Changing Clinic Image System SQL Injection Vulnerability
CVE ID : CVE-2025-8858
Published : Aug. 29, 2025, 4:15 a.m. | 45 minutes ago
Description : Clinic Image System developed by Changing has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8861
Published : Aug. 29, 2025, 4:15 a.m. | 45 minutes ago
Description : TSA developed by Changing has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9609
Published : Aug. 29, 2025, 4:15 a.m. | 45 minutes ago
Description : A vulnerability was found in Portabilis i-Educar up to 2.10. This vulnerability affects unknown code of the file /educacenso/consulta. The manipulation results in improper authorization. The attack can be executed remotely. The exploit has been made public and could be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-39245 - HikCentral Master Lite CSV Injection Vulnerability
CVE ID : CVE-2025-39245
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow an attacker to inject executable commands via malicious CSV data.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-39246 - HikCentral FocSign Unquoted Service Path Privilege Escalation Vulnerability
CVE ID : CVE-2025-39246
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versions. This could allow an authenticated user to potentially enable escalation of privilege via local access.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-39247 - HikCentral Professional Unauthenticated Privilege Escalation
CVE ID : CVE-2025-39247
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58323 - NAVER MYBOX Explorer Windows Privilege Escalation Vulnerability
CVE ID : CVE-2025-58323
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary files due to improper privilege checks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58326 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-58326
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58327 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-58327
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58328 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-58328
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58329 - Oracle WebLogic Server Deserialization RCE
CVE ID : CVE-2025-58329
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58330 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-58330
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58331 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-58331
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58332 - Apache HTTP Server Command Injection Vulnerability
CVE ID : CVE-2025-58332
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58333
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9605
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : A security vulnerability has been detected in Tenda AC21 and AC23 16.03.08.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. Such manipulation of the argument mac leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
Severity: 10.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9606
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : A vulnerability was detected in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/agenda_preferencias.php. Performing manipulation of the argument cod_agenda results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9607
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : A flaw has been found in Portabilis i-Educar up to 2.10. Affected by this issue is some unknown functionality of the file /module/TabelaArredondamento/view of the component Tabelas de Arredondamento Page. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9608 - Portabilis i-Educar Formula de Cálculo de Média Page SQL Injection
CVE ID : CVE-2025-9608
Published : Aug. 29, 2025, 3:15 a.m. | 1 hour, 45 minutes ago
Description : A vulnerability has been found in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/FormulaMedia/view of the component Formula de Cálculo de Média Page. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9603
Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 45 minutes ago
Description : A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9604
Published : Aug. 29, 2025, 2:15 a.m. | 2 hours, 45 minutes ago
Description : A vulnerability was identified in coze-studio up to 0.2.4. The impacted element is an unknown function of the file backend/domain/plugin/encrypt/aes.go. The manipulation of the argument AuthSecretKey/StateSecretKey/OAuthTokenSecretKey leads to use of hard-coded cryptographic key
. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitability is regarded as difficult. To fix this issue, it is recommended to deploy a patch. The vendor replied to the GitHub issue (translated from simplified Chinese): "For scenarios requiring encryption, we will implement user-defined key management through configuration and optimize the use of encryption tools, such as random salt."
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9601 - iSourcecode Apartment Management System SQL Injection
CVE ID : CVE-2025-9601
Published : Aug. 29, 2025, 2:15 a.m. | 1 hour, 4 minutes ago
Description : A vulnerability was detected in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /setting/employee_salary_setup.php. The manipulation of the argument ddlEmpName results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9602
Published : Aug. 29, 2025, 2:15 a.m. | 1 hour, 4 minutes ago
Description : A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted is the function publicsaveAjax of the file /index.php. Performing manipulation results in improper authorization. The attack is possible to be carried out remotely. The exploit has been made public and could be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-44271 - Apple macOS Sequoia Screen Recording Vulnerability
CVE ID : CVE-2024-44271
Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago
Description : The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to record the screen without an indicator.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-54554 - "Apple macOS Sequoia Symlink Data Access Vulnerability"
CVE ID : CVE-2024-54554
Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago
Description : This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access sensitive user data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-54568
Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago
Description : The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2. Parsing a maliciously crafted file may lead to an unexpected app termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40927
Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago
Description : CGI::Simple versions before 1.282 for Perl has a HTTP response splitting flaw
This vulnerability is a confirmed HTTP response splitting flaw in CGI::Simple that allows HTTP response header injection, which can be used for reflected XSS or open redirect under certain conditions.
Although some validation exists, it can be bypassed using URL-encoded values, allowing an attacker to inject untrusted content into the response via query parameters.
As a result, an attacker can inject a line break (e.g. %0A) into the parameter value, causing the server to split the HTTP response and inject arbitrary headers or even an HTML/JavaScript body, leading to reflected cross-site scripting (XSS), open redirect or other attacks.
The issue documented in CVE-2010-4410 https://www.cve.org/CVERecord?id=CVE-2010-4410 is related but the fix was incomplete.
Impact
By injecting %0A (newline) into a query string parameter, an attacker can:
* Break the current HTTP header
* Inject a new header or entire body
* Deliver a script payload that is reflected in the server’s response
That can lead to the following attacks:
* reflected XSS
* open redirect
* cache poisoning
* header manipulation
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43187 - Apple macOS HDIUTIL Code Execution Vulnerability
CVE ID : CVE-2025-43187
Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago
Description : This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. Running an hdiutil command may unexpectedly execute arbitrary code.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43255 - Apple macOS IOMemoryDescriptor Out-of-Bounds Read Vulnerability
CVE ID : CVE-2025-43255
Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago
Description : An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.7, macOS Sequoia 15.6, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43268 - Apple macOS Sequoia Root Privilege Escalation
CVE ID : CVE-2025-43268
Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago
Description : A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43284 - Apple macOS Out-of-Bounds Read Vulnerability
CVE ID : CVE-2025-43284
Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago
Description : An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.7, macOS Ventura 13.7.7, macOS Sequoia 15.6. An app may be able to cause unexpected system termination.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54142
Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago
Description : Akamai Ghost before 2025-07-21 allows HTTP Request Smuggling via an OPTIONS request that has an entity body, because there can be a subsequent request within the persistent connection between an Akamai proxy server and an origin server, if the origin server violates certain Internet standards.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9599 - iSourcecode Apartment Management System SQL Injection
CVE ID : CVE-2025-9599
Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago
Description : A weakness has been identified in itsourcecode Apartment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /setting/month_setup.php. Executing manipulation of the argument txtMonthName can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be exploited.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9600 - "Isourcecode Apartment Management System SQL Injection Vulnerability"
CVE ID : CVE-2025-9600
Published : Aug. 29, 2025, 1:15 a.m. | 2 hours, 4 minutes ago
Description : A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /setting/member_type_setup.php. The manipulation of the argument txtMemberType leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48979
Published : Aug. 29, 2025, 12:15 a.m. | 3 hours, 4 minutes ago
Description : An Improper Input Validation in UISP Application could allow a Command Injection by a malicious actor with High Privileges and local access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9595 - Code-projects Student Information Management System Cross Site Scripting Vulnerability
CVE ID : CVE-2025-9595
Published : Aug. 29, 2025, 12:15 a.m. | 3 hours, 4 minutes ago
Description : A vulnerability was found in code-projects Student Information Management System 1.0. The impacted element is an unknown function of the file /login.php. The manipulation of the argument uname results in cross site scripting. The attack may be performed from a remote location. The exploit has been made public and could be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9596 - iSourcecode Sports Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9596
Published : Aug. 29, 2025, 12:15 a.m. | 3 hours, 4 minutes ago
Description : A vulnerability was determined in itsourcecode Sports Management System 1.0. This affects an unknown function of the file /login.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9597 - Itsoucecode Apartment Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9597
Published : Aug. 29, 2025, 12:15 a.m. | 3 hours, 4 minutes ago
Description : A vulnerability was identified in itsourcecode Apartment Management System 1.0. This impacts an unknown function of the file /o_dashboard/rented_all_info.php. Such manipulation of the argument uid leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9598 - Apache Management System SQL Injection
CVE ID : CVE-2025-9598
Published : Aug. 29, 2025, 12:15 a.m. | 3 hours, 4 minutes ago
Description : A security flaw has been discovered in itsourcecode Apartment Management System 1.0. Affected is an unknown function of the file /setting/year_setup.php. Performing manipulation of the argument txtXYear results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58062 - OpenMCP Client OS Command Injection Vulnerability
CVE ID : CVE-2025-58062
Published : Aug. 28, 2025, 11:15 p.m. | 4 hours, 4 minutes ago
Description : LSTM-Kirigaya's openmcp-client is a vscode plugin for mcp developer. Prior to version 0.1.12, when users on a Windows platform connect to an attacker controlled MCP server, attackers could provision a malicious authorization server endpoint to silently achieve an OS command injection attack in the open() invocation, leading to client system compromise. This issue has been patched in version 0.1.12.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9593 - iSourcecode Apartment Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9593
Published : Aug. 28, 2025, 11:15 p.m. | 4 hours, 4 minutes ago
Description : A flaw has been found in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/unit_status_info.php. Executing manipulation of the argument usid can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9594 - iSourcecode Apartment Management System SQL Injection
CVE ID : CVE-2025-9594
Published : Aug. 28, 2025, 11:15 p.m. | 4 hours, 4 minutes ago
Description : A vulnerability has been found in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /report/complain_info.php. The manipulation of the argument vid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9591 - ZrLog Cross-Site Scripting Vulnerability in Theme Configuration Form
CVE ID : CVE-2025-9591
Published : Aug. 28, 2025, 10:15 p.m. | 5 hours, 4 minutes ago
Description : A security vulnerability has been detected in ZrLog up to 3.1.5. This vulnerability affects unknown code of the file /api/admin/template/config of the component Theme Configuration Form. Such manipulation of the argument footerLink leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9592 - iSourcecode Apartment Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9592
Published : Aug. 28, 2025, 10:15 p.m. | 5 hours, 4 minutes ago
Description : A vulnerability was detected in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /report/bill_info.php. Performing manipulation of the argument vid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58058
Published : Aug. 28, 2025, 10:15 p.m. | 2 hours, 22 minutes ago
Description : xz is a pure golang package for reading and writing xz-compressed files. Prior to version 0.5.14, it is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current implementation allocates the full decoding buffer directly after reading the header. The LZMA header doesn't include a magic number or has a checksum to detect such an issue according to the specification. Note that the code recognizes the issue later while reading the stream, but at this time the memory allocation has already been done. This issue has been patched in version 0.5.14.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58061 - OpenEBS Local PV RawFile World Readable Persistent Volume Data
CVE ID : CVE-2025-58061
Published : Aug. 28, 2025, 10:15 p.m. | 2 hours, 22 minutes ago
Description : OpenEBS Local PV RawFile allows dynamic deployment of Stateful Persistent Node-Local Volumes & Filesystems for Kubernetes. Prior to version 0.10.0, persistent volume data is world readable and that would allow non-privileged users to access sensitive data such as databases of k8s workload. The rawfile-localpv storage class creates persistent volume data under /var/csi/rawfile/ on Kubernetes hosts by default. However, the directory and data in it are world-readable. It allows non-privileged users to access the whole persistent volume data, and those can include sensitive information such as a whole database if the Kubernetes tenants are running MySQL or PostgreSQL in a container so it could lead to a database breach. This issue has been patched in version 0.10.0.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9589
Published : Aug. 28, 2025, 10:15 p.m. | 2 hours, 22 minutes ago
Description : A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown function of the file /etc/shadow. Executing manipulation can lead to use of default password. The attack needs to be launched locally. A high complexity level is associated with this attack. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9590 - Weaver E-Mobile Mobile Management Platform Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-9590
Published : Aug. 28, 2025, 10:15 p.m. | 2 hours, 21 minutes ago
Description : A vulnerability was identified in Weaver E-Mobile Mobile Management Platform up to 20250813. Affected by this vulnerability is an unknown functionality. The manipulation of the argument gohome leads to cross site scripting. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9585
Published : Aug. 28, 2025, 9:15 p.m. | 3 hours, 21 minutes ago
Description : A vulnerability was determined in Comfast CF-N1 2.6.0. This affects the function wifilith_delete_pic_file of the file /usr/bin/webmgnt. This manipulation of the argument portal_delete_picname causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9586
Published : Aug. 28, 2025, 9:15 p.m. | 3 hours, 21 minutes ago
Description : A vulnerability was identified in Comfast CF-N1 2.6.0. This vulnerability affects the function wireless_device_dissoc of the file /usr/bin/webmgnt. Such manipulation of the argument mac leads to command injection. The attack may be performed from a remote location. The exploit is publicly available and might be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6203 - HashiCorp Vault CPU and Memory Exhaustion Vulnerability
CVE ID : CVE-2025-6203
Published : Aug. 28, 2025, 8:15 p.m. | 4 hours, 21 minutes ago
Description : A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. This may lead to a timeout in Vault’s auditing subroutine, potentially resulting in the Vault server to become unresponsive. This vulnerability, CVE-2025-6203, is fixed in Vault Community Edition 1.20.3 and Vault Enterprise 1.20.3, 1.19.9, 1.18.14, and 1.16.25.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9582
Published : Aug. 28, 2025, 8:15 p.m. | 4 hours, 21 minutes ago
Description : A flaw has been found in Comfast CF-N1 2.6.0. Affected is the function ntp_timezone of the file /usr/bin/webmgnt. Executing manipulation of the argument timestr can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9583
Published : Aug. 28, 2025, 8:15 p.m. | 4 hours, 21 minutes ago
Description : A vulnerability has been found in Comfast CF-N1 2.6.0. Affected by this vulnerability is the function ping_config of the file /usr/bin/webmgnt. The manipulation leads to command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9584
Published : Aug. 28, 2025, 8:15 p.m. | 4 hours, 21 minutes ago
Description : A vulnerability was found in Comfast CF-N1 2.6.0. Affected by this issue is the function update_interface_png of the file /usr/bin/webmgnt. The manipulation of the argument interface/display_name results in command injection. The attack can be executed remotely. The exploit has been made public and could be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57220
Published : Aug. 28, 2025, 7:15 p.m. | 5 hours, 21 minutes ago
Description : An input validation flaw in the 'ate' service of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 to escalate privileges to root via a crafted UDP packet.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9577
Published : Aug. 28, 2025, 7:15 p.m. | 5 hours, 21 minutes ago
Description : A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attacking locally is a requirement. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been released to the public and may be exploited.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9579 - "LB-LINK BL-X26 HTTP Handler Os Command Injection Vulnerability"
CVE ID : CVE-2025-9579
Published : Aug. 28, 2025, 7:15 p.m. | 5 hours, 21 minutes ago
Description : A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/set_hidessid_cfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9580 - LB-LINK BL-X26 HTTP Handler Os Command Injection Vulnerability
CVE ID : CVE-2025-9580
Published : Aug. 28, 2025, 7:15 p.m. | 5 hours, 21 minutes ago
Description : A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/set_blacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9581
Published : Aug. 28, 2025, 7:15 p.m. | 5 hours, 21 minutes ago
Description : A vulnerability was detected in Comfast CF-N1 2.6.0. This impacts the function multi_pppoe of the file /usr/bin/webmgnt. Performing manipulation of the argument phy_interface results in command injection. The attack may be initiated remotely. The exploit is now public and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57215
Published : Aug. 28, 2025, 7:15 p.m. | 3 hours, 21 minutes ago
Description : Tenda AC10 v4.0 firmware v16.03.10.20 was discovered to contain a stack overflow via the function get_parentControl_list_Info.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57219
Published : Aug. 28, 2025, 7:15 p.m. | 3 hours, 21 minutes ago
Description : Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 allows attackers to escalate privileges or access sensitive components via a crafted request.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58048
Published : Aug. 28, 2025, 6:15 p.m. | 4 hours, 21 minutes ago
Description : Paymenter is a free and open-source webshop solution for hostings. Prior to version 1.2.11, the ticket attachments functionality in Paymenter allows a malicious authenticated user to upload arbitrary files. This could result in sensitive data extraction from the database, credentials being read from configuration files, and arbitrary system commands being run under the web server user context. This vulnerability was patched by commit 87c3db4 and was released under the version 1.2.11 tag without any other code modifications compared to version 1.2.10. If upgrading is not immediately possible, administrators can mitigate this vulnerability with one or more of the following measures: updating nginx config to download attachments instead of executing them or disallowing access to /storage/ fully using a WAF such as Cloudflare.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58049 - XWiki Platform Unencrypted Cookies Storage Vulnerability
CVE ID : CVE-2025-58049
Published : Aug. 28, 2025, 6:15 p.m. | 4 hours, 21 minutes ago
Description : XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions from 14.4.2 to before 16.4.8, 16.5.0-rc-1 to before 16.10.7, and 17.0.0-rc-1 to before 17.4.0-rc-1, the PDF export jobs store sensitive cookies unencrypted in job statuses. XWiki shouldn't store passwords in plain text, and it shouldn't be possible to gain access to plain text passwords by gaining access to, e.g., a backup of the data directory. This vulnerability has been patched in XWiki 16.4.8, 16.10.7, and 17.4.0-rc-1.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58059 - Valtimo Business Process Automation Remote Code Execution and Data Access Vulnerability
CVE ID : CVE-2025-58059
Published : Aug. 28, 2025, 6:15 p.m. | 4 hours, 21 minutes ago
Description : Valtimo is a platform for Business Process Automation. In versions before 12.16.0.RELEASE, and from 13.0.0.RELEASE to before 13.1.2.RELEASE, any admin that can create or modify and execute process-definitions could gain access to sensitive data or resources. This includes but is not limited to: running executables on the application host, inspecting and extracting data from the host environment or application properties, spring beans (application context, database pooling). The following conditions have to be met in order to perform this attack: the user must be logged in, have the admin role, and must have some knowledge about running scripts via a the Camunda/Operator engine. Version 12.16.0 and 13.1.2 have been patched. It is strongly advised to upgrade. If no scripting is needed in any of the processes, it could be possible to disable it altogether via the ProcessEngineConfiguration. However, this workaround could lead to unexpected side-effects.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9195 - Solidigm DC Products Firmware Denial of Service
CVE ID : CVE-2025-9195
Published : Aug. 28, 2025, 6:15 p.m. | 4 hours, 21 minutes ago
Description : Improper input validation in firmware of some Solidigm DC Products may allow an attacker with local access to cause a Denial of Service
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9575
Published : Aug. 28, 2025, 6:15 p.m. | 4 hours, 21 minutes ago
Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function cgiMain of the file /cgi-bin/upload.cgi. Executing manipulation of the argument filename can lead to os command injection. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9576
Published : Aug. 28, 2025, 6:15 p.m. | 4 hours, 21 minutes ago
Description : A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown function of the file /etc/shadow of the component Administrative Interface. The manipulation leads to use of default credentials. An attack has to be approached locally. A high degree of complexity is needed for the attack. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31971
Published : Aug. 28, 2025, 6:15 p.m. | 2 hours, 21 minutes ago
Description : AIML Solutions for HCL SX is vulnerable to a URL validation vulnerability. The issue may allow attackers to launch a server-side request forgery (SSRF) attack enabling unauthorized network calls from the system, potentially exposing internal services or sensitive information.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57217
Published : Aug. 28, 2025, 6:15 p.m. | 2 hours, 21 minutes ago
Description : Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the Password parameter in the function R7WebsSecurityHandler.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57218
Published : Aug. 28, 2025, 6:15 p.m. | 2 hours, 21 minutes ago
Description : Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to contain a stack overflow via the security_5g parameter in the function sub_46284C.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58047
Published : Aug. 28, 2025, 6:15 p.m. | 2 hours, 21 minutes ago
Description : Volto is a React based frontend for the Plone Content Management System. In versions from 19.0.0-alpha.1 to before 19.0.0-alpha.4, 18.0.0 to before 18.24.0, 17.0.0 to before 17.22.1, and prior to 16.34.0, an anonymous user could cause the NodeJS server part of Volto to quit with an error when visiting a specific URL. The problem has been patched in versions 16.34.0, 17.22.1, 18.24.0, and 19.0.0-alpha.4. To mitigate downtime, have setup automatically restart processes that quit with an error.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57759
Published : Aug. 28, 2025, 5:15 p.m. | 3 hours, 21 minutes ago
Description : Contao is an Open Source CMS. In versions starting from 5.3.0 and prior to 5.3.38 and 5.6.1, under certain conditions, back end users may be able to edit fields of pages and articles without having the necessary permissions. This issue has been patched in versions 5.3.38 and 5.6.1. There are no workarounds.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57819
Published : Aug. 28, 2025, 5:15 p.m. | 3 hours, 21 minutes ago
Description : FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58334 - JetBrains IDE Services Privilege Escalation Vulnerability
CVE ID : CVE-2025-58334
Published : Aug. 28, 2025, 5:15 p.m. | 3 hours, 21 minutes ago
Description : In JetBrains IDE Services before 2025.5.0.1086,
2025.4.2.2164 users without appropriate permissions could assign high-privileged role for themselves
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58335 - JetBrains Junie Remote Information Disclosure Vulnerability
CVE ID : CVE-2025-58335
Published : Aug. 28, 2025, 5:15 p.m. | 3 hours, 21 minutes ago
Description : In JetBrains Junie before 252.284.66,
251.284.66,
243.284.66,
252.284.61,
251.284.61,
243.284.61,
252.284.50,
252.284.54,
251.284.54,
251.284.50,
243.284.54,
243.284.50 information disclosure was possible via search_project function
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31979 - HCL BigFix SM File Upload Validation Bypass
CVE ID : CVE-2025-31979
Published : Aug. 28, 2025, 5:15 p.m. | 2 hours, 23 minutes ago
Description : A File Upload Validation Bypass vulnerability has been identified in the HCL BigFix SM, where the application fails to properly enforce file type restrictions during the upload process. An attacker may exploit this flaw to upload malicious or unauthorized files, such as scripts, executables, or web shells, by bypassing client-side or server-side validation mechanisms.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57756 - Contao Information Disclosure Vulnerability
CVE ID : CVE-2025-57756
Published : Aug. 28, 2025, 5:15 p.m. | 2 hours, 23 minutes ago
Description : Contao is an Open Source CMS. In versions starting from 4.9.14 and prior to 4.13.56, 5.3.38, and 5.6.1, protected content elements that are rendered as fragments are indexed and become publicly available in the front end search. This issue has been patched in versions 4.13.56, 5.3.38, and 5.6.1. A workaround involves disabling the front end search.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57757 - Contao RSS Feed Information Disclosure Vulnerability
CVE ID : CVE-2025-57757
Published : Aug. 28, 2025, 5:15 p.m. | 2 hours, 23 minutes ago
Description : Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, if a news feed contains protected news archives, their news items are not filtered and become publicly available in the RSS feed. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not adding protected news archives to the news feed page.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57758
Published : Aug. 28, 2025, 5:15 p.m. | 2 hours, 23 minutes ago
Description : Contao is an Open Source CMS. In versions starting from 5.0.0 and prior to 5.3.38 and 5.6.1, the table access voter in the back end doesn't check if a user is allowed to access the corresponding module. This issue has been patched in versions 5.3.38 and 5.6.1. A workaround involves not relying solely on the voter and additionally to check USER_CAN_ACCESS_MODULE.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31977 - HCL BigFix SM Cryptographic Weakness
CVE ID : CVE-2025-31977
Published : Aug. 28, 2025, 5:15 p.m. | 2 hours, 14 minutes ago
Description : HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31972 - HCL BigFix SM Sensitive Information Exposure
CVE ID : CVE-2025-31972
Published : Aug. 28, 2025, 5:15 p.m. | 1 hour, 6 minutes ago
Description : HCL BigFix SM is affected by a Sensitive Information Exposure vulnerability where internal connections do not use TLS encryption which could allow an attacker unauthorized access to sensitive data transmitted between internal components.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-13986 - Nagios XI Remote Code Execution Vulnerability
CVE ID : CVE-2024-13986
Published : Aug. 28, 2025, 4:15 p.m. | 2 hours, 6 minutes ago
Description : Nagios XI < 2024R1.3.2 contains a remote code execution vulnerability by chaining two flaws: an arbitrary file upload and a path traversal in the Core Config Snapshots interface. The issue arises from insufficient validation of file paths and extensions during MIB upload and snapshot rename operations. Exploitation results in the placement of attacker-controlled PHP files in a web-accessible directory, executed as the www-data user.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-25010
Published : Aug. 28, 2025, 4:15 p.m. | 2 hours, 6 minutes ago
Description : Incorrect authorization in Kibana can lead to privilege escalation via the built-in reporting_user role which incorrectly has the ability to access all Kibana Spaces.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29364
Published : Aug. 28, 2025, 4:15 p.m. | 2 hours, 6 minutes ago
Description : spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow in the READ_SYSCALL and WRITE_SYSCALL system calls. The application verifies the legitimacy of the starting and ending addresses for memory read/write operations. By configuring the starting and ending addresses for memory read/write to point to distinct memory segments within the virtual machine, it is possible to circumvent these checks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51643
Published : Aug. 28, 2025, 4:15 p.m. | 2 hours, 6 minutes ago
Description : Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is accessible without authentication or tamper protection. An attacker with physical access to the device can use a standard SPI programmer to extract the firmware using flashrom. This results in exposure of sensitive configuration data such as APN credentials, backend server information, and network parameter
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57767
Published : Aug. 28, 2025, 4:15 p.m. | 2 hours, 6 minutes ago
Description : Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.15.2, 21.10.2, and 22.5.2, if a SIP request is received with an Authorization header that contains a realm that wasn't in a previous 401 response's WWW-Authenticate header, or an Authorization header with an incorrect realm was received without a previous 401 response being sent, the get_authorization_header() function in res_pjsip_authenticator_digest will return a NULL. This wasn't being checked before attempting to get the digest algorithm from the header which causes a SEGV. This issue has been patched in versions 20.15.2, 21.10.2, and 22.5.2. There are no workarounds.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52054 - Tenda AC8 MAC Address Guessable Root Password Vulnerability
CVE ID : CVE-2025-52054
Published : Aug. 28, 2025, 3:16 p.m. | 3 hours, 5 minutes ago
Description : An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate with network services on the device.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54995 - Asterisk Resource Exhaustion and Leak Vulnerability
CVE ID : CVE-2025-54995
Published : Aug. 28, 2025, 3:16 p.m. | 3 hours, 5 minutes ago
Description : Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 18.26.4 and 18.9-cert17, RTP UDP ports and internal resources can leak due to a lack of session termination. This could result in leaks and resource exhaustion. This issue has been patched in versions 18.26.4 and 18.9-cert17.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55583
Published : Aug. 28, 2025, 3:16 p.m. | 3 hours, 5 minutes ago
Description : D-Link DIR-868L B1 router firmware version FW2.05WWB02 contains an unauthenticated OS command injection vulnerability in the fileaccess.cgi component. The endpoint /dws/api/UploadFile accepts a pre_api_arg parameter that is passed directly to system-level shell execution functions without sanitization or authentication. Remote attackers can exploit this to execute arbitrary commands as root via crafted HTTP requests.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-56236
Published : Aug. 28, 2025, 3:16 p.m. | 3 hours, 5 minutes ago
Description : FormCms v0.5.5 contains a stored cross-site scripting (XSS) vulnerability in the avatar upload feature. Authenticated users can upload .html files containing malicious JavaScript, which are accessible via a public URL. When a privileged user accesses the file, the script executes in their browser context.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8067 - Udisks D-BUS Loop Device Handler Index Validation Bypass
CVE ID : CVE-2025-8067
Published : Aug. 28, 2025, 3:16 p.m. | 3 hours, 5 minutes ago
Description : A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-48908 - Lychee Link Checking Action Arbitrary Code Injection Vulnerability
CVE ID : CVE-2024-48908
Published : Aug. 28, 2025, 3:15 p.m. | 3 hours, 6 minutes ago
Description : lychee link checking action checks links in Markdown, HTML, and text files using lychee. Prior to version 2.0.2, there is a potential attack of arbitrary code injection vulnerability in lychee-setup of the composite action at action.yml. This issue has been patched in version 2.0.2.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51969 - PuneethReddyHC Online Shopping System SQL Injection
CVE ID : CVE-2025-51969
Published : Aug. 28, 2025, 2:15 p.m. | 4 hours, 6 minutes ago
Description : A SQL Injection vulnerability exists in the product.php page of PuneethReddyHC Online Shopping System Advanced 1.0. This flaw is present in the product_id GET parameter, which is not properly validated before being included in a SQL statement.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51971 - PuneethReddyHC Online Shopping System Reflected XSS
CVE ID : CVE-2025-51971
Published : Aug. 28, 2025, 2:15 p.m. | 4 hours, 6 minutes ago
Description : A reflected Cross-Site Scripting (XSS) vulnerability exists in register.php of PuneethReddyHC Online Shopping System Advanced 1.0. Unsanitized user input in the f_name parameter is reflected in the server response without proper HTML encoding or output escaping. This allows remote attackers to inject arbitrary JavaScript code.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51972 - PuneethReddyHC Online Shopping System SQL Injection
CVE ID : CVE-2025-51972
Published : Aug. 28, 2025, 2:15 p.m. | 4 hours, 6 minutes ago
Description : A SQL Injection vulnerability exists in the login.php of PuneethReddyHC Online Shopping System Advanced 1.0 due to improper sanitization of user-supplied input in the keyword POST parameter.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9578
Published : Aug. 28, 2025, 2:15 p.m. | 4 hours, 5 minutes ago
Description : Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 40734.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-49790 - IBM Watson Studio on Cloud Pak for Data Cross-Site Scripting (XSS)
CVE ID : CVE-2024-49790
Published : Aug. 28, 2025, 2:15 p.m. | 1 hour, 56 minutes ago
Description : IBM Watson Studio on Cloud Pak for Data 4.0 and 5.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51967 - ProjectsAndPrograms School Management System Reflected Cross-site Scripting (XSS)
CVE ID : CVE-2025-51967
Published : Aug. 28, 2025, 2:15 p.m. | 1 hour, 56 minutes ago
Description : A Reflected Cross-site Scripting (XSS) vulnerability exists in the themeSet.php file of ProjectsAndPrograms School Management System 1.0. The application fails to sanitize user-supplied input in the theme POST parameter, allowing an attacker to inject and execute arbitrary JavaScript in a victim's browser.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51968 - PuneethReddyHC Online Shopping System SQL Injection
CVE ID : CVE-2025-51968
Published : Aug. 28, 2025, 2:15 p.m. | 1 hour, 56 minutes ago
Description : A SQL Injection vulnerability exists in the action.php file of PuneethReddyHC Online Shopping System Advanced 1.0. The application fails to properly sanitize user-supplied input in the proId POST parameter, allowing attackers to inject arbitrary SQL expressions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54724
Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxper Golo allows Reflected XSS. This issue affects Golo: from n/a through 1.7.1.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54725
Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago
Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in uxper Golo allows Authentication Abuse. This issue affects Golo: from n/a through 1.7.0.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54731
Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago
Description : Improper Control of Generation of Code ('Code Injection') vulnerability in emarket-design YouTube Showcase allows Object Injection. This issue affects YouTube Showcase: from n/a through 3.5.1.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54733 - Miles All Bootstrap Blocks Authentication Bypass
CVE ID : CVE-2025-54733
Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago
Description : Missing Authorization vulnerability in Miles All Bootstrap Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects All Bootstrap Blocks: from n/a through 1.3.28.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54734 - BPlugins B Slider Missing Authorization Vulnerability
CVE ID : CVE-2025-54734
Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago
Description : Missing Authorization vulnerability in bPlugins B Slider allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects B Slider: from n/a through 1.1.30.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54738
Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago
Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in NooTheme Jobmonster allows Authentication Abuse. This issue affects Jobmonster: from n/a through 4.7.9.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54742 - Magepeopleteam WpEvently Untrusted Data Deserialization Object Injection Vulnerability
CVE ID : CVE-2025-54742
Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago
Description : Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently allows Object Injection. This issue affects WpEvently: from n/a through 4.4.8.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58123
Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago
Description : Improper Certificate Validation in Checkmk Exchange plugin BGP Monitoring allows attackers in MitM position to intercept traffic.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58124
Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago
Description : Improper Certificate Validation in Checkmk Exchange plugin check-mk-api allows attackers in MitM position to intercept traffic.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58125
Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago
Description : Improper Certificate Validation in Checkmk Exchange plugin Freebox v6 agent allows attackers in MitM position to intercept traffic.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58126
Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago
Description : Improper Certificate Validation in Checkmk Exchange plugin VMware vSAN allows attackers in MitM position to intercept traffic.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58127
Published : Aug. 28, 2025, 1:16 p.m. | 2 hours, 56 minutes ago
Description : Improper Certificate Validation in Checkmk Exchange plugin Dell Powerscale allows attackers in MitM position to intercept traffic.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53588
Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 32 minutes ago
Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Dmitry V. (CEO of "UKR Solution") UPC/EAN/GTIN Code Generator allows Path Traversal. This issue affects UPC/EAN/GTIN Code Generator: from n/a through 2.0.2.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54029
Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 32 minutes ago
Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in extendons WooCommerce csv import export allows Path Traversal. This issue affects WooCommerce csv import export: from n/a through 2.0.6.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54710
Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 32 minutes ago
Description : Missing Authorization vulnerability in bPlugins Tiktok Feed allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Tiktok Feed: from n/a through 1.0.21.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54714
Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 32 minutes ago
Description : Missing Authorization vulnerability in Dylan James Zephyr Project Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Zephyr Project Manager: from n/a through 3.3.201.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54716
Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 32 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Ireca allows PHP Local File Inclusion. This issue affects Ireca: from n/a through 1.8.5.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54720
Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 32 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SteelThemes Nest Addons allows SQL Injection. This issue affects Nest Addons: from n/a through 1.6.3.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53337
Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 11 minutes ago
Description : Missing Authorization vulnerability in Ashan Perera LifePress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LifePress: from n/a through 2.1.3.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53572
Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 11 minutes ago
Description : Deserialization of Untrusted Data vulnerability in emarket-design WP Easy Contact allows Object Injection. This issue affects WP Easy Contact: from n/a through 4.0.1.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53576 - Ovatheme Events PHP Local File Inclusion Vulnerability
CVE ID : CVE-2025-53576
Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 11 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ovatheme Ovatheme Events allows PHP Local File Inclusion. This issue affects Ovatheme Events: from n/a through 1.2.8.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53578
Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 11 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Kipso allows PHP Local File Inclusion. This issue affects Kipso: from n/a through 1.3.4.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53579
Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 11 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in captcha.eu Captcha.eu allows Reflected XSS. This issue affects Captcha.eu: from n/a through n/a.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53583 - Emarket-Design Employee Spotlight Deserialization of Untrusted Data Object Injection
CVE ID : CVE-2025-53583
Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 11 minutes ago
Description : Deserialization of Untrusted Data vulnerability in emarket-design Employee Spotlight allows Object Injection. This issue affects Employee Spotlight: from n/a through 5.1.1.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53584 - WP Ticket Customer Service Software Support Ticket System Object Injection Vulnerability
CVE ID : CVE-2025-53584
Published : Aug. 28, 2025, 1:16 p.m. | 1 hour, 11 minutes ago
Description : Deserialization of Untrusted Data vulnerability in emarket-design WP Ticket Customer Service Software & Support Ticket System allows Object Injection. This issue affects WP Ticket Customer Service Software & Support Ticket System: from n/a through 6.0.2.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54762 - D-Link Media Server Remote File Upload and Command Execution Vulnerability
CVE ID : CVE-2025-54762
Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago
Description : SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48963
Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago
Description : Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40296.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58072 - "Sony SS Path Traversal Vulnerability"
CVE ID : CVE-2025-58072
Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago
Description : Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If this vulnerability is exploited, arbitrary files may be viewed by a remote unauthenticated attacker.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52460
Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago
Description : Files or directories accessible to external parties issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If exploited, uploaded files and SS1 configuration files may be accessed by a remote unauthenticated attacker.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46409 - Samsung Smart TV Weak Encryption Authentication Bypass
CVE ID : CVE-2025-46409
Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago
Description : Inadequate encryption strength issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If this vulnerability is exploited, a function that requires authentication may be accessed by a remote unauthenticated attacker.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53970 - Apache SS Remote File Upload and Command Execution Vulnerability
CVE ID : CVE-2025-53970
Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago
Description : SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to upload arbitrary files and execute OS commands with SYSTEM privileges.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54819
Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago
Description : Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier). If this vulnerability is exploited, legitimate files may be overwritten by a remote authenticated attacker.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53396
Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago
Description : Incorrect permission assignment for critical resource issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier), which may allow users who can log in to a client terminal to obtain root privileges.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58081
Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago
Description : Use of hard-coded password issue/vulnerability in SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allows a remote unauthenticated attacker to view arbitrary files with root privileges.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-58240 - Linux Kernel TLS Use-After-Free (UAF)
CVE ID : CVE-2024-58240
Published : Aug. 28, 2025, 11:16 a.m. | 1 hour, 19 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
tls: separate no-async decryption request handling from async
If we're not doing async, the handling is much simpler. There's no
reference counting, we just need to wait for the completion to wake us
up and return its result.
We should preferably also use a separate crypto_wait. I'm not seeing a
UAF as I did in the past, I think aec7961916f3 ("tls: fix race between
async notify and socket close") took care of it.
This will make the next fix easier.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58322 - NAVER MYBOX Explorer Local Privilege Escalation Vulnerability
CVE ID : CVE-2025-58322
Published : Aug. 28, 2025, 8:15 a.m. | 4 hours, 5 minutes ago
Description : NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary commands due to improper privilege checks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6255
Published : Aug. 28, 2025, 7:15 a.m. | 5 hours, 5 minutes ago
Description : The Dynamic AJAX Product Filters for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘className’ parameter in all versions up to, and including, 1.3.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8073
Published : Aug. 28, 2025, 7:15 a.m. | 5 hours, 5 minutes ago
Description : The Dynamic AJAX Product Filters for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in all versions up to, and including, 1.3.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-13807 - Xagio SEO Plugin for WordPress Sensitive Information Exposure
CVE ID : CVE-2024-13807
Published : Aug. 28, 2025, 6:15 a.m. | 6 hours, 6 minutes ago
Description : The Xagio SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.1.0.5 via the backup functionality due to weak filename structure and lack of protection in the directory. This makes it possible for unauthenticated attackers to extract sensitive data from backups which can include the entire database and site's files.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7955
Published : Aug. 28, 2025, 6:15 a.m. | 6 hours, 5 minutes ago
Description : The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to improper validation within the ringcentral_admin_login_2fa_verify() function in versions 1.5 to 1.6.8. This makes it possible for unauthenticated attackers to log in as any user simply by supplying identical bogus codes.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7956 - Apache Ajax Search Lite Information Exposure Vulnerability
CVE ID : CVE-2025-7956
Published : Aug. 28, 2025, 6:15 a.m. | 6 hours, 5 minutes ago
Description : The Ajax Search Lite plugin for WordPress is vulnerable to Basic Information Exposure due to missing authorization in its AJAX search handler in all versions up to, and including, 4.13.1. This makes it possible for unauthenticated attackers to issue repeated AJAX requests to leak the content of any protected post in rolling 100‑character windows.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8977
Published : Aug. 28, 2025, 5:15 a.m. | 7 hours, 5 minutes ago
Description : The Simple Download Monitor plugin for WordPress is vulnerable to time-based SQL Injection via the order parameter in all versions up to, and including, 3.9.33 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, and permissions granted by an Administrator, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8603 - Unlimited Elements For Elementor WordPress Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-8603
Published : Aug. 28, 2025, 4:16 a.m. | 8 hours, 5 minutes ago
Description : The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 1.5.148 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9345
Published : Aug. 28, 2025, 4:16 a.m. | 8 hours, 5 minutes ago
Description : The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.8 via the ajax_downloadfile() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the originally intended directory.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9346 - Booking Calendar for WordPress Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-9346
Published : Aug. 28, 2025, 4:16 a.m. | 8 hours, 5 minutes ago
Description : The Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via settings in all versions up to, and including, 10.14.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-9648 - WordPress WP ULike Pro File Upload Vulnerability
CVE ID : CVE-2024-9648
Published : Aug. 28, 2025, 4:15 a.m. | 8 hours, 5 minutes ago
Description : The WP ULike Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the WP_Ulike_Pro_File_Uploader class in all versions up to, and including, 1.9.3. This makes it possible for unauthenticated attackers to upload limited arbitrary files like .php2, .php6, .php7, .phps, .pht, .phtm, .pgif, .shtml, .phar, .inc, .hphp, .ctp, .module, .html, .svg on the affected site's server which may make make other attacks like Cross-Site Scripting possible. Only versions up to 1.8.7 were confirmed vulnerable, however, the earliest tested version for a patch we have access to is 1.9.4, so we are considering 1.9.4 the patched version.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-0951 - LiquidThemes WordPress Theme and Plugin Unauthorized Access Vulnerability
CVE ID : CVE-2025-0951
Published : Aug. 28, 2025, 4:15 a.m. | 8 hours, 5 minutes ago
Description : Multiple plugins and/or themes for WordPress by LiquidThemes are vulnerable to unauthorized access due to a missing capability check on the liquid_reset_wordpress_before AJAX in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to deactivate all of a site's plugins. While we escalated this to Envato after not being able to establish contact, it appears the developer added a nonce check, however that is not sufficient protection as the nonce is exposed to all users with access to the dashboard.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36003 - IBM Security Verify Governance Identity Manager Information Disclosure Vulnerability
CVE ID : CVE-2025-36003
Published : Aug. 28, 2025, 3:15 a.m. | 9 hours, 5 minutes ago
Description : IBM Security Verify Governance Identity Manager 10.0.2 could allow a remote attacker to obtain sensitive information when detailed technical error messages are returned. This information could be used in further attacks against the system.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57845 - Apache HTTP Server Remote Code Execution Vulnerability
CVE ID : CVE-2025-57845
Published : Aug. 28, 2025, 3:15 a.m. | 9 hours, 5 minutes ago
Description : Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-34158. Reason: This candidate is a reservation duplicate of CVE-2025-34158. Notes: All CVE users should reference CVE-2025-34158 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7812 - Video Share VOD WordPress CSRF Vulnerability
CVE ID : CVE-2025-7812
Published : Aug. 28, 2025, 3:15 a.m. | 9 hours, 5 minutes ago
Description : The Video Share VOD – Turnkey Video Site Builder Script plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.6. This is due to missing or incorrect nonce validation on the adminExport() function. This makes it possible for unauthenticated attackers to update settings and execute remote code when the Server command execution setting is enabled via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8897
Published : Aug. 28, 2025, 3:15 a.m. | 9 hours, 5 minutes ago
Description : The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘'fl_builder' parameter in all versions up to, and including, 2.9.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9344
Published : Aug. 28, 2025, 3:15 a.m. | 9 hours, 5 minutes ago
Description : The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'uwp_profile' and 'uwp_profile_header' shortcodes in all versions up to, and including, 1.2.42 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9352 - Pronamic Google Maps for WordPress Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-9352
Published : Aug. 28, 2025, 3:15 a.m. | 9 hours, 5 minutes ago
Description : The Pronamic Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the description field in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34160 - AnyShare ServiceAgent API Remote Code Execution Vulnerability
CVE ID : CVE-2025-34160
Published : Aug. 27, 2025, 10:15 p.m. | 14 hours, 5 minutes ago
Description : AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/start_service accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is interpreted by the backend, enabling arbitrary command execution. The vulnerability is presumed to affect builds released prior to August 2025 and is said to be remediated in newer versions of the product, though the exact affected range remains undefined.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34162 - Bian Que Feijiu Intelligent Emergency and Quality Control System SQL Injection Vulnerability
CVE ID : CVE-2025-34162
Published : Aug. 27, 2025, 10:15 p.m. | 14 hours, 5 minutes ago
Description : An unauthenticated SQL injection vulnerability exists in the GetLyfsByParams endpoint of Bian Que Feijiu Intelligent Emergency and Quality Control System, accessible via the /AppService/BQMedical/WebServiceForFirstaidApp.asmx interface. The backend fails to properly sanitize user-supplied input in the strOpid parameter, allowing attackers to inject arbitrary SQL statements. This can lead to data exfiltration, authentication bypass, and potentially remote code execution, depending on backend configuration. The vulnerability is presumed to affect builds released prior to June 2025 and is said to be remediated in newer versions of the product, though the exact affected range remains undefined.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34163
Published : Aug. 27, 2025, 10:15 p.m. | 14 hours, 5 minutes ago
Description : Dongsheng Logistics Software exposes an unauthenticated endpoint at /CommMng/Print/UploadMailFile that fails to enforce proper file type validation and access control. An attacker can upload arbitrary files, including executable scripts such as .ashx, via a crafted multipart/form-data POST request. This allows remote code execution on the server, potentially leading to full system compromise. The vulnerability is presumed to affect builds released prior to July 2025 and is said to be remediated in newer versions of the product, though the exact affected range remains undefined.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34520 - Arcserve Unified Data Protection Authentication Bypass Vulnerability
CVE ID : CVE-2025-34520
Published : Aug. 27, 2025, 10:15 p.m. | 14 hours, 5 minutes ago
Description : An authentication bypass vulnerability in Arcserve Unified Data Protection (UDP) allows unauthenticated attackers to gain unauthorized access to protected functionality or user accounts. By manipulating specific request parameters or exploiting a logic flaw, an attacker can bypass login mechanisms without valid credentials and access administrator-level features. This vulnerability affects all UDP versions prior to 10.2. UDP 10.2 includes the necessary patches and requires no action. Versions 8.0 through 10.1 are supported and require either patch application or upgrade to 10.2. Versions 7.x and earlier are unsupported or out of maintenance and must be upgraded to 10.2 to remediate the issue.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34521
Published : Aug. 27, 2025, 10:15 p.m. | 14 hours, 5 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the Arcserve Unified Data Protection (UDP), where unsanitized user input is improperly reflected in HTTP responses. This flaw allows remote attackers with low privileges to craft malicious links that, when visited by another user, execute arbitrary JavaScript in the victim’s browser. Successful exploitation may lead to session hijacking, credential theft, or other client-side impacts. The vulnerability requires user interaction and occurs within a shared browser context. This vulnerability affects all UDP versions prior to 10.2. UDP 10.2 includes the necessary patches and requires no action. Versions 8.0 through 10.1 are supported and require either patch application or upgrade to 10.2. Versions 7.x and earlier are unsupported or out of maintenance and must be upgraded to 10.2 to remediate the issue.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34522 - Arcserve Unified Data Protection Heap-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-34522
Published : Aug. 27, 2025, 10:15 p.m. | 14 hours, 5 minutes ago
Description : A heap-based buffer overflow vulnerability exists in the input parsing logic of Arcserve Unified Data Protection (UDP). This flaw can be triggered without authentication by sending specially crafted input to the target system. Improper bounds checking allows an attacker to overwrite heap memory, potentially leading to application crashes or remote code execution. Exploitation occurs in the context of the affected process and does not require user interaction. The vulnerability poses a high risk due to its pre-authentication nature and potential for full compromise. This vulnerability affects all UDP versions prior to 10.2. UDP 10.2 includes the necessary patches and requires no action. Versions 8.0 through 10.1 are supported and require either patch application or upgrade to 10.2. Versions 7.x and earlier are unsupported or out of maintenance and must be upgraded to 10.2 to remediate the issue.
Severity: 9.2 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34523
Published : Aug. 27, 2025, 10:15 p.m. | 14 hours, 5 minutes ago
Description : A heap-based buffer overflow vulnerability exists in the exists in the network-facing input handling routines of Arcserve Unified Data Protection (UDP). This flaw is reachable without authentication and results from improper bounds checking when processing attacker-controlled input. By sending specially crafted data, a remote attacker can corrupt heap memory, potentially causing a denial of service or enabling arbitrary code execution depending on the memory layout and exploitation techniques used. This vulnerability is similar in nature to CVE-2025-34522 but affects a separate code path or component. No user interaction is required, and exploitation occurs in the context of the vulnerable process. This vulnerability affects all UDP versions prior to 10.2. UDP 10.2 includes the necessary patches and requires no action. Versions 8.0 through 10.1 are supported and require either patch application or upgrade to 10.2. Versions 7.x and earlier are unsupported or out of maintenance and must be upgraded to 10.2 to remediate the issue.
Severity: 9.2 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-13982 - SPON IP Network Broadcast System Arbitrary File Read Vulnerability
CVE ID : CVE-2024-13982
Published : Aug. 27, 2025, 10:15 p.m. | 9 hours, 12 minutes ago
Description : SPON IP Network Broadcast System, a digital audio transmission platform developed by SPON Communications, contains an arbitrary file read vulnerability in the rj_get_token.php endpoint. The flaw arises from insufficient input validation on the jsondata[url] parameter, which allows attackers to perform directory traversal and access sensitive files on the server. An unauthenticated remote attacker can exploit this vulnerability by sending a crafted POST request to read arbitrary files, potentially exposing system configuration, credentials, or internal logic. An affected version range is undefined.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-13984 - QiAnXin TianQing Management Center RPTSVR Path Traversal Vulnerability
CVE ID : CVE-2024-13984
Published : Aug. 27, 2025, 10:15 p.m. | 9 hours, 12 minutes ago
Description : QiAnXin TianQing Management Center versions up to and including 6.7.0.4130 contain a path traversal vulnerability in the rptsvr component that allows unauthenticated attackers to upload files to arbitrary locations on the server. The /rptsvr/upload endpoint fails to sanitize the filename parameter in multipart form-data requests, enabling path traversal. This allows attackers to place executable files in web-accessible directories, potentially leading to remote code execution.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-13985
Published : Aug. 27, 2025, 10:15 p.m. | 9 hours, 12 minutes ago
Description : A command injection vulnerability in Dahua EIMS versions prior to 2240008 allows unauthenticated remote attackers to execute arbitrary system commands via the capture_handle.action interface. The flaw stems from improper input validation in the captureCommand parameter, which is processed without sanitization or authentication. By sending crafted HTTP requests, attackers can inject OS-level commands that are executed on the server, leading to full system compromise.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-13979 - St. Joe ERP System SQL Injection Vulnerability
CVE ID : CVE-2024-13979
Published : Aug. 27, 2025, 10:15 p.m. | 8 hours, 14 minutes ago
Description : A SQL injection vulnerability exists in the St. Joe ERP system ("圣乔ERP系统") that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login endpoint. The application fails to properly sanitize user-supplied input before incorporating it into SQL queries, enabling direct manipulation of the backend database. Successful exploitation may result in unauthorized data access, modification of records, or limited disruption of service. An affected version range is undefined.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-13980 - H3C Intelligent Management Center Remote Command Execution Vulnerability
CVE ID : CVE-2024-13980
Published : Aug. 27, 2025, 10:15 p.m. | 8 hours, 14 minutes ago
Description : H3C Intelligent Management Center (IMC) versions up to and including E0632H07 contains a remote command execution vulnerability in the /byod/index.xhtml endpoint. Improper handling of JSF ViewState allows unauthenticated attackers to craft POST requests with forged javax.faces.ViewState parameters, potentially leading to arbitrary command execution. This flaw does not require authentication and may be exploited without session cookies. An affected version range is undefined.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-13981
Published : Aug. 27, 2025, 10:15 p.m. | 8 hours, 14 minutes ago
Description : LiveBOS, an object-oriented business architecture middleware suite developed by Apex Software Co., Ltd., contains an arbitrary file upload vulnerability in its UploadFile.do;.js.jsp endpoint. This flaw affects the LiveBOS Server component and allows unauthenticated remote attackers to upload crafted files outside the intended directory structure via path traversal in the filename parameter. Successful exploitation may lead to remote code execution on the server, enabling full system compromise. The vulnerability is presumed to affect builds released prior to August 2024 and is said to be remediated in newer versions of the product, though the exact affected range remains undefined.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-7309
Published : Aug. 27, 2025, 10:15 p.m. | 7 hours, 11 minutes ago
Description : A path traversal vulnerability exists in the Dahua Smart Park Integrated Management Platform (also referred to as the Dahua Smart Campus Integrated Management Platform), affecting the SOAP-based GIS bitmap upload interface. The flaw allows unauthenticated remote attackers to upload arbitrary files to the server via crafted SOAP requests, including executable JSP payloads. Successful exploitation may lead to remote code execution (RCE) and full compromise of the affected system. The vulnerability is presumed to affect builds released prior to September 2023 and is said to be remediated in newer versions of the product, though the exact affected range remains undefined.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2018-25115
Published : Aug. 27, 2025, 10:15 p.m. | 6 hours, 14 minutes ago
Description : Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system commands without authentication. The flaw stems from improper input handling in the EVENT=CHECKFW parameter, which is passed directly to the system shell without sanitization. A crafted HTTP POST request can inject commands that are executed with root privileges, resulting in full device compromise. These router models are no longer supported at the time of assignment and affected version ranges may vary.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-7307 - Sangfor Behavior Management System XXE Injection Vulnerability
CVE ID : CVE-2023-7307
Published : Aug. 27, 2025, 10:15 p.m. | 6 hours, 14 minutes ago
Description : Sangfor Behavior Management System (also referred to as DC Management System in Chinese-language documentation) contains an XML external entity (XXE) injection vulnerability in the /src/sangforindex endpoint. A remote unauthenticated attacker can submit crafted XML data containing external entity definitions, leading to potential disclosure of internal files, server-side request forgery (SSRF), or other impacts depending on parser behavior. The vulnerability is due to improper configuration of the XML parser, which allows resolution of external entities without restriction. This product is now integrated into their IAM (Internet Access Management) platform and an affected version range is undefined.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-7308 - NSFOCUS SecGate3600 Authentication Bypass Information Disclosure
CVE ID : CVE-2023-7308
Published : Aug. 27, 2025, 10:15 p.m. | 6 hours, 14 minutes ago
Description : SecGate3600, a network firewall product developed by NSFOCUS, contains a sensitive information disclosure vulnerability in the /cgi-bin/authUser/authManageSet.cgi endpoint. The affected component fails to enforce authentication checks on POST requests to retrieve user data. An unauthenticated remote attacker can exploit this flaw to obtain sensitive information, including user identifiers and configuration details, by sending crafted requests to the vulnerable endpoint. An affected version range is undefined.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40779
Published : Aug. 27, 2025, 9:15 p.m. | 7 hours, 14 minutes ago
Description : If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the `kea-dhcp4` process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem.
This issue affects Kea versions 2.7.1 through 2.7.9, 3.0.0, and 3.1.0.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5101
Published : Aug. 27, 2025, 8:15 p.m. | 8 hours, 14 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that under certain conditions could have allowed an authenticated attacker to distribute malicious code that appears harmless in the web interface by taking advantage of ambiguity between branches and tags during repository imports.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-37777
Published : Aug. 27, 2025, 8:15 p.m. | 6 hours, 14 minutes ago
Description : O2OA v9.0.3 was discovered to contain a remote code execution (RCE) vulnerability via the mainOutput() function.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2246 - GitLab Unauthenticated GraphQL API Access Vulnerability
CVE ID : CVE-2025-2246
Published : Aug. 27, 2025, 8:15 p.m. | 6 hours, 14 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have allowed unauthenticated users to access sensitive manual CI/CD variables by querying the GraphQL API.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3601 - GitLab Denial of Service (DoS) in URL Processing
CVE ID : CVE-2025-3601
Published : Aug. 27, 2025, 8:15 p.m. | 6 hours, 14 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 8.15 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that could have could have allowed an authenticated user to cause a Denial of Service (DoS) condition by submitting URLs that generate excessively large responses.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4225
Published : Aug. 27, 2025, 8:15 p.m. | 6 hours, 14 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 14.1 before 18.1.5, 18.2 before 18.2.5, and 18.3 before 18.3.1 that that under certain conditions could have allowed an unauthenticated attacker to cause a denial-of-service condition affecting all users by sending specially crafted GraphQL requests.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55582
Published : Aug. 27, 2025, 8:15 p.m. | 6 hours, 14 minutes ago
Description : D-Link DCS-825L firmware v1.08.01 contains a vulnerability in the watchdog script `mydlink-watch-dog.sh`, which blindly respawns binaries such as `dcp` and `signalc` without verifying integrity, authenticity, or permissions. An attacker with local filesystem access (via physical access, firmware modification, or debug interfaces) can replace these binaries with malicious payloads. The script executes these binaries as root in an infinite loop, leading to persistent privilege escalation and arbitrary code execution. This issue is mitigated in v1.09.02, but the product is officially End-of-Life and unsupported.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55618
Published : Aug. 27, 2025, 8:15 p.m. | 6 hours, 14 minutes ago
Description : In Hyundai Navigation App STD5W.EUR.HMC.230516.afa908d, an attacker can inject HTML payloads in the profile name field in navigation app which then get rendered.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55495
Published : Aug. 27, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58050
Published : Aug. 27, 2025, 7:15 p.m. | 1 hour, 27 minutes ago
Description : The PCRE2 library is a set of C functions that implement regular expression pattern matching. In version 10.45, a heap-buffer-overflow read vulnerability exists in the PCRE2 regular expression matching engine, specifically within the handling of the (*scs:...) (Scan SubString) verb when combined with (*ACCEPT) in src/pcre2_match.c. This vulnerability may potentially lead to information disclosure if the out-of-bounds data read during the memcmp affects the final match result in a way observable by the attacker. This issue has been resolved in version 10.46.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58196 - UiCore Elements Cross-site Scripting Vulnerability
CVE ID : CVE-2025-58196
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uicore UiCore Elements allows Stored XSS. This issue affects UiCore Elements: from n/a through 1.3.4.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58197
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mra13 / Team Tips and Tricks HQ Simple Download Monitor allows Stored XSS. This issue affects Simple Download Monitor: from n/a through 3.9.34.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58198
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Missing Authorization vulnerability in Xpro Xpro Theme Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Xpro Theme Builder: from n/a through 1.2.9.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58201
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Missing Authorization vulnerability in AfterShip & Automizely AfterShip Tracking allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects AfterShip Tracking: from n/a through 1.17.17.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58202
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Plugins and Snippets Simple Page Access Restriction allows Cross Site Request Forgery. This issue affects Simple Page Access Restriction: from n/a through 1.0.32.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58203
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra allows Server Side Request Forgery. This issue affects Solace Extra: from n/a through 1.3.2.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58204 - Eric Teubert Podlove Podcast Publisher Open Redirect Phishing
CVE ID : CVE-2025-58204
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Eric Teubert Podlove Podcast Publisher allows Phishing. This issue affects Podlove Podcast Publisher: from n/a through 4.2.5.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58205
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Element Invader ElementInvader Addons for Elementor allows DOM-Based XSS. This issue affects ElementInvader Addons for Elementor: from n/a through 1.3.6.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58208 - Elementor Forms + Drag And Drop Template Builder Cross-site Scripting
CVE ID : CVE-2025-58208
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in add-ons.org PDF for Elementor Forms + Drag And Drop Template Builder allows Stored XSS. This issue affects PDF for Elementor Forms + Drag And Drop Template Builder: from n/a through 6.2.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58209
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rtCamp Transcoder allows Stored XSS. This issue affects Transcoder: from n/a through 1.4.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58211
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in alexvtn Chatbox Manager allows Stored XSS. This issue affects Chatbox Manager: from n/a through 1.2.6.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58212 - Epeken All Kurir DOM-Based Cross-site Scripting
CVE ID : CVE-2025-58212
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in epeken Epeken All Kurir allows DOM-Based XSS. This issue affects Epeken All Kurir: from n/a through 2.0.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58213 - Trafft Booking System Stored Cross-Site Scripting
CVE ID : CVE-2025-58213
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ameliabooking Booking System Trafft allows Stored XSS. This issue affects Booking System Trafft: from n/a through 1.0.14.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58216
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgwhite33 WP Thumbtack Review Slider allows Stored XSS. This issue affects WP Thumbtack Review Slider: from n/a through 2.6.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58217
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in GeroNikolov Instant Breaking News allows Stored XSS. This issue affects Instant Breaking News: from n/a through 1.0.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58218
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 27 minutes ago
Description : Deserialization of Untrusted Data vulnerability in enituretechnology Small Package Quotes – USPS Edition allows Object Injection. This issue affects Small Package Quotes – USPS Edition: from n/a through 1.3.9.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50979
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 12 minutes ago
Description : NodeBB v4.3.0 is vulnerable to SQL injection in its search-categories API endpoint (/api/v3/search/categories). The search query parameter is not properly sanitized, allowing unauthenticated, remote attackers to inject boolean-based blind and PostgreSQL error-based payloads.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51667
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 12 minutes ago
Description : An issue was discovered in simple-admin-core v1.2.0 thru v1.6.7. The /sys-api/role/update interface in the simple-admin-core system has a limited SQL injection vulnerability, which may lead to partial data leakage or disruption of normal system operations.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55422 - FoxCMS Reflected Cross Site Scripting (XSS)
CVE ID : CVE-2025-55422
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 12 minutes ago
Description : In FoxCMS 1.2.6, there is a reflected Cross Site Scripting (XSS) vulnerability in /index.php/plus.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58192
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 12 minutes ago
Description : Missing Authorization vulnerability in Xylus Themes WP Bulk Delete allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Bulk Delete: from n/a through 1.3.6.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58193
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 12 minutes ago
Description : Missing Authorization vulnerability in Uncanny Owl Uncanny Automator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Uncanny Automator: from n/a through 6.7.0.1.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58194
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 12 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in boldthemes Bold Page Builder allows Stored XSS. This issue affects Bold Page Builder: from n/a through 5.4.3.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58195
Published : Aug. 27, 2025, 6:15 p.m. | 2 hours, 12 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS. This issue affects Xpro Elementor Addons: from n/a through 1.4.17.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57821
Published : Aug. 27, 2025, 5:15 p.m. | 2 hours, 3 minutes ago
Description : Basecamp's Google Sign-In adds Google sign-in to Rails applications. Prior to version 1.3.0, it is possible to craft a malformed URL that passes the "same origin" check, resulting in the user being redirected to another origin. Rails applications configured to store the flash information in a session cookie may be vulnerable, if this can be chained with an attack that allows injection of arbitrary data into the session cookie. This issue has been patched in version 1.3.0. If upgrading is not possible at this time, a way to mitigate the chained attack can be done by explicitly setting SameSite=Lax or SameSite=Strict on the application session cookie.
Severity: 4.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5187
Published : Aug. 27, 2025, 5:15 p.m. | 2 hours, 3 minutes ago
Description : A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently deleted, the given node object will be deleted via garbage collection.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20241 - Cisco Nexus IS-IS Protocol Denial of Service Vulnerability
CVE ID : CVE-2025-20241
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload.
This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause the unexpected restart of the IS-IS process, which could cause the affected device to reload, resulting in a denial of service (DoS) condition.
Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20262 - Cisco Nexus PIM6 Ephemeral Query Processing Remote Denial of Service
CVE ID : CVE-2025-20262
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.
This vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20290
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches in standalone NX-OS mode, Cisco UCS 6400 Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects, and Cisco UCS 9108 100G Fabric Interconnects could allow an authenticated, local attacker access to sensitive information.
This vulnerability is due to improper logging of sensitive information. An attacker could exploit this vulnerability by accessing log files on the file system where they are stored. A successful exploit could allow the attacker to access sensitive information, such as stored credentials.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20292
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by entering crafted input as the argument of an affected CLI command. A successful exploit could allow the attacker to read and write files on the underlying operating system with the privileges of a non-root user account. File system access is limited to the permissions that are granted to that non-root user account.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20294
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : Multiple vulnerabilities in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root.
These vulnerabilities are due to insufficient input validation of command arguments supplied by the user. An attacker could exploit these vulnerabilities by authenticating to a device and submitting crafted input to the affected commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of the affected device with root-level privileges.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20295
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : A vulnerability in the CLI of Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to read or create a file or overwrite any file on the file system of the underlying operating system of an affected device, including system files.
This vulnerability is due to insufficient input validation of command arguments supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to read or create a file or overwrite any file on the file system of the underlying operating system of the affected device, including system files. To exploit this vulnerability, the attacker must have valid administrative credentials on the affected device.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20296
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : A vulnerability in the web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious data into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must be a member of the Administrator or AAA Administrator role.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20317
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to redirect a user to a malicious website.
This vulnerability is due to insufficient verification of vKVM endpoints. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious webpage and potentially capture user credentials.
Note: The affected vKVM client is also included in Cisco UCS Manager.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20342
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid user credentials with privileges that allow for vKVM access on the affected device.
Note: The affected vKVM client is also included in Cisco UCS Manager.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20344
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : A vulnerability in the backup restore functionality of Cisco Nexus Dashboard could allow an authenticated, remote attacker to conduct a path traversal attack on an affected device.
This vulnerability is due to insufficient validation of the contents of a backup file. An attacker with valid Administrator credentials could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to gain root privileges on the underlying shell on the affected device.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20347 - "Cisco Nexus Dashboard and NDFC REST API Endpoint Authorization Bypass"
CVE ID : CVE-2025-20347
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device.
This vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit th vulnerability by sending crafted API requests to an affected endpoint. A successful exploit could allow the attacker to perform limited Administrator functions, such as accessing sensitive information regarding HTTP Proxy and NTP configurations, uploading images, and damaging image files on an affected device.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20348 - Cisco Nexus Dashboard and Fabric Controller Unauthorized File Access and Modification
CVE ID : CVE-2025-20348
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to view sensitive information or upload and modify files on an affected device.
This vulnerability exists because of missing authorization controls on some REST API endpoints. An attacker could exploit th vulnerability by sending crafted API requests to an affected endpoint. A successful exploit could allow the attacker to perform limited Administrator functions, such as accessing sensitive information regarding HTTP Proxy and NTP configurations, uploading images, and damaging image files on an affected device.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34157
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a stored cross-site scripting (XSS) attack in the project creation workflow. An authenticated user with low privileges can create a project with a maliciously crafted name containing embedded JavaScript. When an administrator attempts to delete the project or its associated resource, the payload executes in the admin’s browser context. This results in full compromise of the Coolify instance, including theft of API tokens, session cookies, and access to WebSocket-based terminal sessions on managed servers.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34159
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : Coolify versions prior to v4.0.0-beta.420.6 are vulnerable to a remote code execution vulnerability in the application deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary Docker Compose directives during project creation. By crafting a malicious service definition that mounts the host root filesystem, an attacker can gain full root access to the underlying server.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34161
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution vulnerability in the project deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary shell commands via the Git Repository field during project creation. By submitting a crafted repository string containing command injection syntax, an attacker can execute arbitrary commands on the underlying host system, resulting in full server compromise.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50428
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : In RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnerability exists in the includes/hostapd.php script. The vulnerability is due to improper sanitizing of user input passed via the interface parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50977
Published : Aug. 27, 2025, 5:15 p.m. | 1 hour, 3 minutes ago
Description : A template injection vulnerability leading to reflected cross-site scripting (XSS) has been identified in version 1.7.1, requiring authenticated admin access for exploitation. The vulnerability exists in the 'r' parameter and allows attackers to inject malicious Angular expressions that execute JavaScript code in the context of the application. The flaw can be exploited through GET requests to the summary endpoint as well as POST requests to specific Wicket interface endpoints, though the GET method provides easier weaponization. This vulnerability enables authenticated administrators to execute arbitrary client-side code, potentially leading to session hijacking, data theft, or further privilege escalation attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50978
Published : Aug. 27, 2025, 4:15 p.m. | 2 hours, 3 minutes ago
Description : In Gitblit v1.7.1, a reflected cross-site scripting (XSS) vulnerability exists in the way repository path names are handled. By injecting a specially crafted path payload an attacker can cause arbitrary JavaScript to execute when a victim views the manipulated URL. This flaw stems from insufficient input sanitization of filename elements.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50983
Published : Aug. 27, 2025, 4:15 p.m. | 2 hours, 3 minutes ago
Description : SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API endpoint in readarr 0.4.15.2787. The endpoint fails to properly sanitize user-supplied input, allowing attackers to inject and execute arbitrary SQL commands against the backend SQLite database. Sqlmap confirmed exploitation via stacked queries, demonstrating that the parameter can be abused to run arbitrary SQL statements. A heavy query was executed using SQLite's RANDOMBLOB() and HEX() functions to simulate a time-based payload, indicating deep control over database interactions.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50984
Published : Aug. 27, 2025, 4:15 p.m. | 2 hours, 3 minutes ago
Description : diskover-web v2.3.0 Community Edition is vulnerable to multiple boolean-based blind SQL injection flaws in its Elasticsearch configuration form. Unsanitized user input in POST parameters such as ES_PASS, ES_MAXSIZE, ES_TRANSLOGSIZE, ES_TIMEOUT, ES_USER, ES_HOST, ES_PORT, ES_SCROLLSIZE, ES_CHUNKSIZE and others can be crafted to inject arbitrary SQLite expressions wrapped in JSON functions. By exploiting these injection points, an attacker can infer or extract sensitive information from the underlying database without authentication. This issue stems from improper input validation and parameterization in the application's JSON-based query construction.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54598
Published : Aug. 27, 2025, 4:15 p.m. | 2 hours, 3 minutes ago
Description : The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53105
Published : Aug. 27, 2025, 3:15 p.m. | 3 hours, 3 minutes ago
Description : GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 10.0.0 to before 10.0.19, a connected user without administration rights can change the rules execution order. This issue has been patched in version 10.0.19.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9533
Published : Aug. 27, 2025, 3:15 p.m. | 3 hours, 3 minutes ago
Description : A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. Affected is an unknown function of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads to improper authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50972
Published : Aug. 27, 2025, 3:15 p.m. | 1 hour, 12 minutes ago
Description : SQL Injection vulnerability in AbanteCart 1.4.2, allows unauthenticated attackers to execute arbitrary SQL commands via the tmpl_id parameter to index.php. Three techniques have been demonstrated: error-based injection using a crafted FLOOR-based payload, time-based blind injection via SLEEP(), and UNION-based injection to extract arbitrary data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50985 - Diskover-web Community Edition Cross-Site Scripting (XSS)
CVE ID : CVE-2025-50985
Published : Aug. 27, 2025, 3:15 p.m. | 1 hour, 12 minutes ago
Description : diskover-web v2.3.0 Community Edition is vulnerable to multiple reflected cross-site scripting (XSS) flaws in its web interface. Unsanitized GET parameters including maxage, maxindex, index, path, q (query), and doctype are directly echoed into the HTML response, allowing attackers to inject and execute arbitrary JavaScript when a victim visits a maliciously crafted URL.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50986
Published : Aug. 27, 2025, 3:15 p.m. | 1 hour, 12 minutes ago
Description : diskover-web v2.3.0 Community Edition suffers from multiple stored cross-site scripting (XSS) vulnerabilities in its administrative settings interface. Various configuration fields such as ES_HOST, ES_INDEXREFRESH, ES_PORT, ES_SCROLLSIZE, ES_TRANSLOGSIZE, ES_TRANSLOGSYNCINT, EXCLUDES_FILES, FILE_TYPES[], INCLUDES_DIRS, INCLUDES_FILES, and TIMEZONE do not properly sanitize user-supplied input. Malicious payloads submitted via these parameters are persisted in the application and executed whenever an administrator views or edits the settings page.
Severity: 5.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50989
Published : Aug. 27, 2025, 3:15 p.m. | 1 hour, 12 minutes ago
Description : OPNsense 25.1 contains an authenticated command injection vulnerability in its Bridge Interface Edit endpoint (interfaces_bridge_edit.php). The span POST parameter is concatenated into a system-level command without proper sanitization or escaping, allowing an administrator to inject arbitrary shell operators and payloads. Successful exploitation grants RCE with the privileges of the web service (typically root), potentially leading to full system compromise or lateral movement. This vulnerability arises from inadequate input validation and improper handling of user-supplied data in backend command invocations.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52122
Published : Aug. 27, 2025, 3:15 p.m. | 1 hour, 12 minutes ago
Description : Freeform 5.0.0 to before 5.10.16, a plugin for CraftCMS, contains an Server-side template injection (SSTI) vulnerability, resulting in arbitrary code injection for all users that have access to editing a form (submission title).
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43728
Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago
Description : Dell ThinOS 10, versions prior to 2508_10.0127, contain a Protection Mechanism Failure vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass.
Severity: 9.6 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43729
Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago
Description : Dell ThinOS 10, versions prior to 2508_10.0127, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Elevation of Privileges and Unauthorized Access.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43730
Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago
Description : Dell ThinOS 10, versions prior to 2508_10.0127, contains an Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability. A local unauthenticated user could potentially exploit this vulnerability leading to Elevation of Privileges and Information disclosure.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43882
Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago
Description : Dell ThinOS 10, versions prior to 2508_10.0127, contains an Unverified Ownership vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Unauthorized Access.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-56694
Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago
Description : Client-side password validation (CWE-602) in lumasoft fotoShare Cloud 2025-03-13 allowing unauthenticated attackers to view password-protected photo albums.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9527
Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago
Description : A vulnerability was found in Linksys E1700 1.0.0.4.003. This affects the function QoSSetup of the file /goform/QoSSetup. Performing manipulation of the argument ack_policy results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9528 - Linksys E1700 OS Command Injection Vulnerability
CVE ID : CVE-2025-9528
Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago
Description : A vulnerability was determined in Linksys E1700 1.0.0.4.003. This vulnerability affects the function systemCommand of the file /goform/systemCommand. Executing manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9529 - Campcodes Payroll Management System Remote File Inclusion Vulnerability
CVE ID : CVE-2025-9529
Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago
Description : A weakness has been identified in Campcodes Payroll Management System 1.0. The affected element is the function include of the file /index.php. This manipulation of the argument page causes file inclusion. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9531
Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago
Description : A vulnerability was detected in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/agenda.php of the component Agenda Module. Performing manipulation of the argument cod_agenda results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9532
Published : Aug. 27, 2025, 2:15 p.m. | 2 hours, 12 minutes ago
Description : A flaw has been found in Portabilis i-Educar up to 2.10. This impacts an unknown function of the file /RegraAvaliacao/view. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9525
Published : Aug. 27, 2025, 1:15 p.m. | 3 hours, 12 minutes ago
Description : A flaw has been found in Linksys E1700 1.0.0.4.003. Affected by this vulnerability is the function setWan of the file /goform/setWan. This manipulation of the argument DeviceName/lanIp causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9526
Published : Aug. 27, 2025, 1:15 p.m. | 3 hours, 12 minutes ago
Description : A vulnerability has been found in Linksys E1700 1.0.0.4.003. Affected by this issue is the function setSysAdm of the file /goform/setSysAdm. Such manipulation of the argument rm_port leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30059
Published : Aug. 27, 2025, 11:15 a.m. | 5 hours, 12 minutes ago
Description : In the PrepareCDExportJSON.pl service, the "getPerfServiceIds" function is vulnerable to SQL injection.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30060 - Apache HTTP Server SQL Injection Vulnerability
CVE ID : CVE-2025-30060
Published : Aug. 27, 2025, 11:15 a.m. | 5 hours, 12 minutes ago
Description : In the ReturnUserUnitsXML.pl service, the "getUserInfo" function is vulnerable to SQL injection through the "UserID" parameter.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30061 - Apache HTTP Server SQL Injection Vulnerability
CVE ID : CVE-2025-30061
Published : Aug. 27, 2025, 11:15 a.m. | 5 hours, 12 minutes ago
Description : In the "utils/Reporter/OpenReportWindow.pl" service, there is an SQL injection vulnerability through the "UserID" parameter.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30063 - Apache HTTP Server Unsecured Configuration File Vulnerability
CVE ID : CVE-2025-30063
Published : Aug. 27, 2025, 11:15 a.m. | 5 hours, 12 minutes ago
Description : The configuration file containing database logins and passwords is readable by any local user.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30064
Published : Aug. 27, 2025, 11:15 a.m. | 5 hours, 12 minutes ago
Description : An insufficiently secured internal function allows session generation for arbitrary users. The decodeParam function checks the JWT but does not verify which signing algorithm was used. As a result, an attacker can use the "ex:action" parameter in the VerifyUserByThrustedService function to generate a session for any user.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9523
Published : Aug. 27, 2025, 11:15 a.m. | 5 hours, 12 minutes ago
Description : A vulnerability was detected in Tenda AC1206 15.03.06.23. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used.
Severity: 10.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2313 - HP Print pl Arbitrary Code Execution Vulnerability
CVE ID : CVE-2025-2313
Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago
Description : In the Print.pl service, the "uhcPrintServerPrint" function allows execution of arbitrary code via the "CopyCounter" parameter.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30036
Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago
Description : Stored XSS vulnerability exists in the "Oddział" (Ward) module, in the death diagnosis description field, and allows the execution of arbitrary JavaScript code. This can lead to session hijacking of other users and potentially to privilege escalation up to full administrative rights.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30037 - Apache HTTP Server Unauthenticated Remote Access
CVE ID : CVE-2025-30037
Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago
Description : The system exposes several endpoints, typically including "/int/" in their path, that should be restricted to internal services, but are instead publicly accessible without authentication to any host able to reach the application server on port 443/tcp.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30038
Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago
Description : The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata in an NTFS alternate data stream (ADS) for all files downloaded from potentially untrusted sources.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30039
Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago
Description : Unauthenticated access to the "/cgi-bin/CliniNET.prd/GetActiveSessions.pl" endpoint allows takeover of any user session logged into the system, including users with admin privileges.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30040 - Apache CliniNET Information Disclosure
CVE ID : CVE-2025-30040
Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago
Description : The vulnerability allows unauthenticated users to download a file containing session ID data by directly accessing the "/cgi-bin/CliniNET.prd/utils/userlogxls.pl" endpoint.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30041 - Apache CliniNET Session ID Exposure Vulnerability
CVE ID : CVE-2025-30041
Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago
Description : The paths "/cgi-bin/CliniNET.prd/utils/userlogstat.pl", "/cgi-bin/CliniNET.prd/utils/usrlogstat.pl", and "/cgi-bin/CliniNET.prd/utils/dblogstat.pl" expose data containing session IDs.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30048 - Apache Server Unauthenticated Access to Configuration Credentials
CVE ID : CVE-2025-30048
Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago
Description : The "serverConfig" endpoint, which returns the module configuration including credentials, is accessible without authentication.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30055
Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago
Description : The "system" function receives untrusted input from the user. If the "EnableJSCaching" option is enabled, it is possible to execute arbitrary code provided as the "Module" parameter.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30056
Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago
Description : The RunCommand function accepts any parameter, which is then passed for execution in the shell. This allows an attacker to execute arbitrary code on the system.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30057 - Microsoft UHCRTFDoc Command Injection Vulnerability
CVE ID : CVE-2025-30057
Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago
Description : In UHCRTFDoc, the filename parameter can be exploited to execute arbitrary code via command injection into the system() call in the ConvertToPDF function.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30058
Published : Aug. 27, 2025, 11:15 a.m. | 3 hours, 12 minutes ago
Description : In the PatientService.pl service, the "getPatientIdentifier" function is vulnerable to SQL injection through the "pesel" parameter.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2021-4459 - Sunny Boy Path Traversal Vulnerability
CVE ID : CVE-2021-4459
Published : Aug. 27, 2025, 8:15 a.m. | 6 hours, 12 minutes ago
Description : An authorized remote attacker can access files and directories outside the intended web root, potentially exposing sensitive system information of the affected Sunny Boy devices.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57846
Published : Aug. 27, 2025, 6:15 a.m. | 8 hours, 12 minutes ago
Description : Multiple i-フィルター products contain an issue with incorrect default permissions. If this vulnerability is exploited, a local authenticated attacker may replace a service executable on the system where the product is running, potentially allowing arbitrary code execution with SYSTEM privileges.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9511 - iSourcecode Apartment Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9511
Published : Aug. 27, 2025, 6:15 a.m. | 8 hours, 12 minutes ago
Description : A vulnerability was identified in itsourcecode Apartment Management System 1.0. This vulnerability affects unknown code of the file /visitor/addvisitor.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9513
Published : Aug. 27, 2025, 6:15 a.m. | 8 hours, 12 minutes ago
Description : A flaw has been found in editso fuso up to 1.0.4-beta.7. This affects the function PenetrateRsaAndAesHandshake of the file src/net/penetrate/handshake/mod.rs. This manipulation of the argument priv_key causes inadequate encryption strength. Remote exploitation of the attack is possible. A high degree of complexity is needed for the attack. The exploitability is reported as difficult.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9514
Published : Aug. 27, 2025, 6:15 a.m. | 8 hours, 12 minutes ago
Description : A vulnerability has been found in macrozheng mall up to 1.0.3. This impacts an unknown function of the component Registration. Such manipulation leads to weak password requirements. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is said to be difficult. The vendor deleted the GitHub issue for this vulnerability without and explanation.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57797
Published : Aug. 27, 2025, 6:15 a.m. | 6 hours, 3 minutes ago
Description : Incorrect privilege assignment vulnerability exists in ScanSnap Manager installers versions prior to V6.5L61. If this vulnerability is exploited, an authenticated local attacker may escalate privileges and execute an arbitrary command.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9510 - iSourcecode Apartment Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9510
Published : Aug. 27, 2025, 5:15 a.m. | 7 hours, 3 minutes ago
Description : A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /branch/addbranch.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48081
Published : Aug. 27, 2025, 5:15 a.m. | 6 hours, 1 minute ago
Description : Path Traversal: '.../...//' vulnerability in Printeers Printeers Print & Ship allows Path Traversal.This issue affects Printeers Print & Ship: from n/a through 1.17.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9508 - iSourcecode Apartment Management System SQL Injection
CVE ID : CVE-2025-9508
Published : Aug. 27, 2025, 5:15 a.m. | 6 hours, 1 minute ago
Description : A vulnerability was detected in itsourcecode Apartment Management System 1.0. The impacted element is an unknown function of the file /report/rented_info.php. The manipulation of the argument rsid results in sql injection. The attack may be launched remotely. The exploit is now public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9509 - itsourcecode Apartment Management System SQL Injection
CVE ID : CVE-2025-9509
Published : Aug. 27, 2025, 5:15 a.m. | 6 hours, 1 minute ago
Description : A security flaw has been discovered in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /report/fair_info_all.php. Performing manipulation of the argument fid results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-49039 - Mibuthu Link View Stored Cross-Site Scripting
CVE ID : CVE-2025-49039
Published : Aug. 27, 2025, 4:16 a.m. | 7 hours, 1 minute ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mibuthu Link View allows Stored XSS.This issue affects Link View: from n/a through 0.8.0.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-49040
Published : Aug. 27, 2025, 4:16 a.m. | 7 hours, 1 minute ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Backup Bolt allows Cross Site Request Forgery.This issue affects Backup Bolt: from n/a through 1.4.1.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9504 - Campcodes Online Loan Management System SQL Injection
CVE ID : CVE-2025-9504
Published : Aug. 27, 2025, 4:16 a.m. | 7 hours, 1 minute ago
Description : A vulnerability was detected in Campcodes Online Loan Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=save_plan. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9505 - Campcodes Online Loan Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9505
Published : Aug. 27, 2025, 4:16 a.m. | 7 hours, 1 minute ago
Description : A flaw has been found in Campcodes Online Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=save_loan_type. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9506 - Campcodes Online Loan Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9506
Published : Aug. 27, 2025, 4:16 a.m. | 7 hours, 1 minute ago
Description : A vulnerability has been found in Campcodes Online Loan Management System 1.0. This affects an unknown part of the file /ajax.php?action=delete_plan. Such manipulation of the argument ID leads to sql injection. The attack may be performed from a remote location. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9507 - iSourcecode Apartment Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9507
Published : Aug. 27, 2025, 4:16 a.m. | 7 hours, 1 minute ago
Description : A weakness has been identified in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/visitor_info.php. Executing manipulation of the argument vid can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be exploited.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-49035 - "Chaimchaikin Admin Menu Groups Cross-site Scripting"
CVE ID : CVE-2025-49035
Published : Aug. 27, 2025, 4:15 a.m. | 7 hours, 1 minute ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in chaimchaikin Admin Menu Groups allows Stored XSS.This issue affects Admin Menu Groups: from n/a through 0.1.2.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7732 - WordPress Lazy Load for Videos Stored Cross-Site Scripting
CVE ID : CVE-2025-7732
Published : Aug. 27, 2025, 3:15 a.m. | 8 hours, 1 minute ago
Description : The Lazy Load for Videos plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its lazy‑loading handlers in all versions up to, and including, 2.18.7 due to insufficient input sanitization and output escaping. The plugin’s JavaScript registration handlers read the client‑supplied 'data-video-title' and 'href' attributes, decode HTML entities by default, and pass them directly into DOM sinks without any escaping or validation. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9502 - Campcodes Online Loan Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9502
Published : Aug. 27, 2025, 3:15 a.m. | 8 hours, 1 minute ago
Description : A weakness has been identified in Campcodes Online Loan Management System 1.0. This impacts an unknown function of the file /ajax.php?action=save_payment. Executing manipulation of the argument loan_id can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9503 - Campcodes Online Loan Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9503
Published : Aug. 27, 2025, 3:15 a.m. | 8 hours, 1 minute ago
Description : A security vulnerability has been detected in Campcodes Online Loan Management System 1.0. Affected is an unknown function of the file /ajax.php?action=save_borrower. The manipulation of the argument lastname leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8490
Published : Aug. 27, 2025, 12:15 a.m. | 11 hours, 1 minute ago
Description : The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Import in all versions up to, and including, 7.97 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-35114
Published : Aug. 26, 2025, 11:15 p.m. | 12 hours, 1 minute ago
Description : Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline. Users should upgrade to Agiloft Release 30.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-35115
Published : Aug. 26, 2025, 11:15 p.m. | 12 hours, 1 minute ago
Description : Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Users should upgrade to Agiloft Release 30.
Severity: 9.2 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57820
Published : Aug. 26, 2025, 11:15 p.m. | 12 hours, 1 minute ago
Description : Svelte devalue is a utility library. Prior to version 5.3.2, a string passed to devalue.parse could represent an object with a __proto__ property and devalue.parse does not check that an index is numeric. This could result in assigning prototypes to objects and properties, leading to prototype pollution. This issue has been fixed in version 5.3.2
Severity: 7.9 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9277
Published : Aug. 26, 2025, 11:15 p.m. | 12 hours, 1 minute ago
Description : The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the broken preg_replace expression in all versions up to, and including, 1.2.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-35113
Published : Aug. 26, 2025, 11:15 p.m. | 9 hours, 12 minutes ago
Description : Agiloft Release 28 does not properly neutralize special elements used in an EUI template engine, allowing an authenticated attacker to achieve remote code execution by loading a specially crafted payload. Users should upgrade to Agiloft Release 31.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22411 - Cisco SDP Use After Free Remote Code Execution Vulnerability
CVE ID : CVE-2025-22411
Published : Aug. 26, 2025, 11:15 p.m. | 7 hours, 12 minutes ago
Description : In process_service_attr_rsp of sdp_discovery.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22412 - Apache SDP Server Use-After-Free Remote Code Execution Vulnerability
CVE ID : CVE-2025-22412
Published : Aug. 26, 2025, 11:15 p.m. | 7 hours, 12 minutes ago
Description : In multiple functions of sdp_server.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22413 - Apache HTTP Server Privilege Escalation Vulnerability
CVE ID : CVE-2025-22413
Published : Aug. 26, 2025, 11:15 p.m. | 7 hours, 12 minutes ago
Description : In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-26417 - Google Android Confused Deputy Local Information Disclosure
CVE ID : CVE-2025-26417
Published : Aug. 26, 2025, 11:15 p.m. | 7 hours, 12 minutes ago
Description : In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user consent when opening files in shared storage due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-35112 - Agiloft XML External Entities (XXE)
CVE ID : CVE-2025-35112
Published : Aug. 26, 2025, 11:15 p.m. | 7 hours, 12 minutes ago
Description : Agiloft Release 28 contains an XML External Entities vulnerability in any table that allows 'import/export', allowing an authenticated attacker to import the template file and perform path traversal on the local system files. Users should upgrade to Agiloft Release 31.
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22407 - BlueZ Use After Free Remote Information Disclosure
CVE ID : CVE-2025-22407
Published : Aug. 26, 2025, 11:15 p.m. | 6 hours ago
Description : In hidd_check_config_done of hidd_conn.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22408
Published : Aug. 26, 2025, 11:15 p.m. | 6 hours ago
Description : In rfc_check_send_cmd of rfc_utils.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22409 - RFC TS Frames Use After Free Local Privilege Escalation
CVE ID : CVE-2025-22409
Published : Aug. 26, 2025, 11:15 p.m. | 6 hours ago
Description : In rfc_send_buf_uih of rfc_ts_frames.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22410 - Apache HTTP Server Use-After-Free Remote Code Execution Vulnerability
CVE ID : CVE-2025-22410
Published : Aug. 26, 2025, 11:15 p.m. | 6 hours ago
Description : In multiple locations, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-0086 - Android AccountManager Service Token Overwrite Vulnerability
CVE ID : CVE-2025-0086
Published : Aug. 26, 2025, 11:15 p.m. | 5 hours, 11 minutes ago
Description : In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-0092 - Google Android Bond Permission Bypass
CVE ID : CVE-2025-0092
Published : Aug. 26, 2025, 11:15 p.m. | 5 hours, 11 minutes ago
Description : In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-0093 - Android Device AdapterService Remote Information Disclosure Vulnerability
CVE ID : CVE-2025-0093
Published : Aug. 26, 2025, 11:15 p.m. | 5 hours, 11 minutes ago
Description : In handleBondStateChanged of AdapterService.java, there is a possible unapproved data access due to a missing permission check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22403 - "Vulnerability in Google SDP's SDP Disovery Service: Arbitrary Code Execution"
CVE ID : CVE-2025-22403
Published : Aug. 26, 2025, 11:15 p.m. | 5 hours, 11 minutes ago
Description : In sdp_snd_service_search_req of sdp_discovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22404 - Qualcomm AvCT LCB Act Use After Free Privilege Escalation
CVE ID : CVE-2025-22404
Published : Aug. 26, 2025, 11:15 p.m. | 5 hours, 11 minutes ago
Description : In avct_lcb_msg_ind of avct_lcb_act.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22405 - Apache HTTP Server Use After Free Arbitrary Code Execution
CVE ID : CVE-2025-22405
Published : Aug. 26, 2025, 11:15 p.m. | 5 hours, 11 minutes ago
Description : In multiple locations, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22406 - Apache OpenWRT bnep Use After Free Local Privilege Escalation
CVE ID : CVE-2025-22406
Published : Aug. 26, 2025, 11:15 p.m. | 5 hours, 11 minutes ago
Description : In bnepu_check_send_packet of bnep_utils.cc, there is a possible way to achieve code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-0082
Published : Aug. 26, 2025, 11:15 p.m. | 3 hours, 59 minutes ago
Description : In multiple functions of StatusHint.java and TelecomServiceImpl.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-0083 - Apache HTTP Server Information Disclosure Vulnerability
CVE ID : CVE-2025-0083
Published : Aug. 26, 2025, 11:15 p.m. | 3 hours, 59 minutes ago
Description : In multiple locations, there is a possible way to access content across user profiles due to URI double encoding. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-0084 - Qualcomm Bluetooth HFP Use After Free Remote Code Execution
CVE ID : CVE-2025-0084
Published : Aug. 26, 2025, 11:15 p.m. | 3 hours, 59 minutes ago
Description : In multiple locations, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-0081 - Adobe DNG JPEG Uninitialized Data Crash Vulnerability
CVE ID : CVE-2025-0081
Published : Aug. 26, 2025, 11:15 p.m. | 1 hour, 11 minutes ago
Description : In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9492 - Campcodes Online Water Billing System SQL Injection Vulnerability
CVE ID : CVE-2025-9492
Published : Aug. 26, 2025, 10:15 p.m. | 43 minutes ago
Description : A vulnerability was determined in Campcodes Online Water Billing System 1.0. This affects an unknown function of the file /addclient1.php. Executing manipulation of the argument lname can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. Other parameters might be affected as well.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-35203
Published : Aug. 26, 2025, 9:15 p.m. | 1 hour, 43 minutes ago
Description : Mahara before 22.10.6, 23.04.6, and 24.04.1 allows cross-site scripting (XSS) via a file, with JavaScript code as part of its name, that is uploaded via the Mahara filebrowser system.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-47192
Published : Aug. 26, 2025, 9:15 p.m. | 1 hour, 43 minutes ago
Description : An issue was discovered in Mahara 23.04.8 and 24.04.4. The use of a malicious export download URL can allow an attacker to download files that they do not have permission to download.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50971
Published : Aug. 26, 2025, 8:15 p.m. | 2 hours, 43 minutes ago
Description : Directory traversal vulnerability in AbanteCart version 1.4.2 allows unauthenticated attackers to gain access to sensitive system files via the template parameter to index.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52353
Published : Aug. 26, 2025, 8:15 p.m. | 2 hours, 43 minutes ago
Description : An arbitrary code execution vulnerability in Badaso CMS 2.9.11. The Media Manager allows authenticated users to upload files containing embedded PHP code via the file-upload endpoint, bypassing content-type validation. When such a file is accessed via its URL, the server executes the PHP payload, enabling an attacker to run arbitrary system commands and achieve full compromise of the underlying host. This has been demonstrated by embedding a backdoor within a PDF and renaming it with a .php extension.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55443 - Telpo MDM Plaintext Credentials and MQTT Server Exposure
CVE ID : CVE-2025-55443
Published : Aug. 26, 2025, 8:15 p.m. | 2 hours, 43 minutes ago
Description : Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT server connection details (IP/port) that are stored in plaintext within log files on the device's external storage. This allows attackers with access to these logs to: 1. Authenticate to the MDM web platform to execute administrative operations (device shutdown/factory reset/software installation); 2. Connect to the MQTT server to intercept/publish device data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23307
Published : Aug. 26, 2025, 7:15 p.m. | 3 hours, 43 minutes ago
Description : NVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by an attacker could allow code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23312
Published : Aug. 26, 2025, 7:15 p.m. | 3 hours, 43 minutes ago
Description : NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component, where malicious data created by an attacker could cause a code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23313
Published : Aug. 26, 2025, 7:15 p.m. | 3 hours, 43 minutes ago
Description : NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23314
Published : Aug. 26, 2025, 7:15 p.m. | 3 hours, 43 minutes ago
Description : NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23315
Published : Aug. 26, 2025, 7:15 p.m. | 3 hours, 43 minutes ago
Description : NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50975 - IPFire Stored XSS in Firewall CGI Interface
CVE ID : CVE-2025-50975
Published : Aug. 26, 2025, 7:15 p.m. | 3 hours, 43 minutes ago
Description : IPFire 2.29 web-based firewall interface (firewall.cgi) fails to sanitize several rule parameters such as PROT, SRC_PORT, TGT_PORT, dnatport, key, ruleremark, src_addr, std_net_tgt, and tgt_addr, allowing an authenticated administrator to inject persistent JavaScript. This stored XSS payload is executed whenever another admin views the firewall rules page, enabling session hijacking, unauthorized actions within the interface, or further internal pivoting. Exploitation requires only high-privilege GUI access, and the complexity of the attack is low.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9478 - Google Chrome ANGLE Use-After-Free Vulnerability
CVE ID : CVE-2025-9478
Published : Aug. 26, 2025, 7:15 p.m. | 3 hours, 43 minutes ago
Description : Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50976
Published : Aug. 26, 2025, 6:15 p.m. | 4 hours, 43 minutes ago
Description : IPFire 2.29 DNS management interface (dns.cgi) fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLS_HOSTNAME query parameters, resulting in a reflected cross-site scripting (XSS) vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55298 - ImageMagick Format String Vulnerability
CVE ID : CVE-2025-55298
Published : Aug. 26, 2025, 6:15 p.m. | 4 hours, 43 minutes ago
Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string bug vulnerability exists in InterpretImageFilename function where user input is directly passed to FormatLocaleString without proper sanitization. An attacker can overwrite arbitrary memory regions, enabling a wide range of attacks from heap overflow to remote code execution. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57803
Published : Aug. 26, 2025, 6:15 p.m. | 4 hours, 43 minutes ago
Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2 for ImageMagick's 32-bit build, a 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses bytes_per_line (stride) to a tiny value while the per-row writer still emits 3 × width bytes for 24-bpp images. The row base pointer advances using the (overflowed) stride, so the first row immediately writes past its slot and into adjacent heap memory with attacker-controlled bytes. This is a classic, powerful primitive for heap corruption in common auto-convert pipelines. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57818
Published : Aug. 26, 2025, 6:15 p.m. | 4 hours, 43 minutes ago
Description : Firecrawl turns entire websites into LLM-ready markdown or structured data. Prior to version 2.0.1, a server-side request forgery (SSRF) vulnerability was discovered in Firecrawl's webhook functionality. Authenticated users could configure a webhook to an internal URL and send POST requests with arbitrary headers, which may have allowed access to internal systems. This has been fixed in version 2.0.1. If upgrading is not possible, it is recommend to isolate Firecrawl from any sensitive internal systems.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-1994 - IBM Cognos Command Center Deserialization Vulnerability
CVE ID : CVE-2025-1994
Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago
Description : IBM Cognos Command Center 10.2.4.1 and 10.2.5
could allow a local user to execute arbitrary code on the system due to the use of unsafe use of the BinaryFormatter function.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2697 - IBM Cognos Command Center Open Redirect Vulnerability
CVE ID : CVE-2025-2697
Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago
Description : IBM Cognos Command Center 10.2.4.1 and 10.2.5
could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36729 - "Fortinet Web Interface Unauthorized Access and Privilege Escalation"
CVE ID : CVE-2025-36729
Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago
Description : A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master admin password. This vulnerability also allows the user to give themselves shell access with the root gid.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50974
Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago
Description : The Calamaris log exporter CGI (/cgi-bin/logs.cgi/calamaris.dat) in IPFire 2.29 does not properly sanitize user-supplied input before incorporating parameter values into a shell command. An unauthenticated remote attacker can inject arbitrary OS commands by embedding shell metacharacters in any of the following parameters BYTE_UNIT, DAY_BEGIN, DAY_END, HIST_LEVEL, MONTH_BEGIN, MONTH_END, NUM_CONTENT, NUM_DOMAINS, NUM_HOSTS, NUM_URLS, PERF_INTERVAL, YEAR_BEGIN, YEAR_END.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52184 - Helpy.io Cross Site Scripting (XSS)
CVE ID : CVE-2025-52184
Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago
Description : Cross Site Scripting vulnerability in Helpy.io v.2.8.0 allows a remote attacker to escalate privileges via the New Topic Ticket funtion.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55212 - ImageMagick Denial of Service Vulnerability
CVE ID : CVE-2025-55212
Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago
Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a geometry string containing only a colon (":") to montage -geometry leads GetGeometry() to set width/height to 0. Later, ThumbnailImage() divides by these zero dimensions, triggering a crash (SIGFPE/abort), resulting in a denial of service. This issue has been patched in versions 6.9.13-28 and 7.1.2-2.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57425 - SourceCodester FAQ Management System Stored XSS Vulnerability
CVE ID : CVE-2025-57425
Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago
Description : A Stored Cross-Site Scripting (XSS) vulnerability in SourceCodester FAQ Management System 1.0 allows an authenticated attacker to inject malicious JavaScript into the 'question' and 'answer' fields via the update-faq.php endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9491 - Microsoft Windows LNK File Remote Code Execution Vulnerability
CVE ID : CVE-2025-9491
Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 43 minutes ago
Description : Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of .LNK files. Crafted data in an .LNK file can cause hazardous content in the file to be invisible to a user who inspects the file via the Windows-provided user interface. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-25373.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-1494 - IBM Cognos Command Center Clickjacking Vulnerability
CVE ID : CVE-2025-1494
Published : Aug. 26, 2025, 5:15 p.m. | 5 hours, 10 minutes ago
Description : IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57810 - jsPDF High CPU Utilization Denial of Service Vulnerability
CVE ID : CVE-2025-57810
Published : Aug. 26, 2025, 4:15 p.m. | 4 hours, 58 minutes ago
Description : jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.2, user control of the first argument of the addImage method results in CPU utilization and denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful PNG file that results in high CPU utilization and denial of service. The vulnerability was fixed in jsPDF 3.0.2.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57813
Published : Aug. 26, 2025, 4:15 p.m. | 4 hours, 58 minutes ago
Description : traQ is a messenger application built for Digital Creators Club traP. Prior to version 3.25.0, a vulnerability exists where sensitive information, such as OAuth tokens, are recorded in log files when an error occurs during the execution of an SQL query. An attacker could intentionally trigger an SQL error by methods such as placing a high load on the database. This could allow an attacker who has the authority to view the log files to illicitly acquire the recorded sensitive information. This vulnerability has been patched in version 3.25.0. If upgrading is not possible, a temporary workaround involves reviewing access permissions for SQL error logs and strictly limiting access to prevent unauthorized users from viewing them.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-56432 - Nagios XI Cross-Site Scripting (XSS)
CVE ID : CVE-2025-56432
Published : Aug. 26, 2025, 4:15 p.m. | 3 hours, 56 minutes ago
Description : A cross-site scripting (XSS) vulnerability exists in Nagios XI 2024R2. The vulnerability allows remote attackers to execute arbitrary JavaScript in the context of a logged-in user's session via a specially crafted URL. The issue resides in a web component responsible for rendering performance-related data.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52219 - SelectZero Data Observability Platform Open Redirect Vulnerability
CVE ID : CVE-2025-52219
Published : Aug. 26, 2025, 3:15 p.m. | 4 hours, 56 minutes ago
Description : SelectZero SelectZero Data Observability Platform before 2025.5.2 contains an Open Redirect vulnerability. Legacy UI fields can be used to create arbitrary external links via HTML Injection.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6366 - WordPress Event List Plugin Privilege Escalation Vulnerability
CVE ID : CVE-2025-6366
Published : Aug. 26, 2025, 3:15 p.m. | 4 hours, 56 minutes ago
Description : The Event List plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.0.4. This is due to the plugin not properly validating a user's capabilities prior to updating their profile in the el_update_profile() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change their capabilities to those of an administrator.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-25732 - Kapsch TrafficCom RIS-9160 RIS-9260 Roadside Units EEPROM Access Control Bypass Privilege Escalation
CVE ID : CVE-2025-25732
Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago
Description : Incorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows attackers to replace password hashes stored in the EEPROM with hashes of their own, leading to the escalation of privileges to root.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-25733 - Kapsch TrafficCom RIS-9160 RIS-9260 Roadside Units SPI Flash Chip Access Control Bypass
CVE ID : CVE-2025-25733
Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago
Description : Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 allows physically proximate attackers to arbitrarily modify SPI flash regions, leading to a degradation of the security posture of the device.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-25734 - Kapsch TrafficCom RIS-9160 RIS-9260 Roadside Units (RSUs) Boot Process Privilege Escalation
CVE ID : CVE-2025-25734
Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago
Description : Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 was discovered to contain an unauthenticated EFI shell which allows attackers to execute arbitrary code or escalate privileges during the boot process.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-25735
Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago
Description : Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack SPI Protected Range Registers (PRRs), allowing attackers with software running on the system to modify SPI flash in real-time.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-25736
Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago
Description : Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to contain Android Debug Bridge (ADB) pre-installed (/mnt/c3platpersistent/opt/platform-tools/adb) and enabled by default, allowing unauthenticated root shell access to the cellular modem via the default 'kapsch' user.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-25737
Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago
Description : Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were discovered to lack secure password requirements for its BIOS Supervisor and User accounts, allowing attackers to bypass authentication via a bruteforce attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52035
Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago
Description : A vulnerability in NotesCMS and specifically in the page /index.php?route=notes. The manipulation of the title of the service descriptions leads to a stored XSS vulnerability. The issue was confirmed to be present in the source code as of commit 7d821a0f028b0778b245b99ab3d3bff1ac10e2d3 (dated 2024-05-08) and was fixed in commit 95322c5121dbd7070f3bd54f2848079654a0a8ea (dated 2025-03-31). The attack can be launched remotely.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52036
Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago
Description : A vulnerability has been found in NotesCMS and classified as medium. Affected by this vulnerability is the page /index.php?route=categories. The manipulation of the title of the service descriptions leads to a stored XSS vulnerability. The issue was confirmed to be present in the source code as of commit 7d821a0f028b0778b245b99ab3d3bff1ac10e2d3 (dated 2024-05-08), and was fixed in commit 95322c5121dbd7070f3bd54f2848079654a0a8ea (dated 2025-03-31). The attack can be launched remotely. CWE Definition of the Vulnerability: CWE-79.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52037
Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago
Description : A vulnerability has been found in NotesCMS and classified as medium. Affected by this vulnerability is the page /index.php?route=sites. The manipulation of the title of the service descriptions leads to a stored XSS vulnerability. The issue was confirmed to be present in the source code as of commit 7d821a0f028b0778b245b99ab3d3bff1ac10e2d3 (dated 2024-05-08), and was fixed in commit 95322c5121dbd7070f3bd54f2848079654a0a8ea (dated 2025-03-31). The attack can be launched remotely. CWE Definition of the Vulnerability: CWE-79.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52217 - SelectZero Data Observability Platform HTML Injection Vulnerability
CVE ID : CVE-2025-52217
Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago
Description : SelectZero Data Observability Platform before 2025.5.2 is vulnerable to HTML Injection. Legacy UI fields improperly handle user-supplied input, allowing injection of arbitrary HTML.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52218 - SelectZero Data Observability Platform Content Spoofing Vulnerability
CVE ID : CVE-2025-52218
Published : Aug. 26, 2025, 3:15 p.m. | 3 hours, 7 minutes ago
Description : SelectZero Data Observability Platform before 2025.5.2 is vulnerable to Content Spoofing / Text Injection. Improper sanitization of unspecified parameters allows attackers to inject arbitrary text or limited HTML into the login page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-39335 - Mahara Information Disclosure Vulnerability
CVE ID : CVE-2024-39335
Published : Aug. 26, 2025, 3:15 p.m. | 1 hour, 21 minutes ago
Description : Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to information being disclosed to an institution administrator under certain conditions via the 'Current submissions' page: Administration -> Groups -> Submissions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-47853
Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago
Description : An issue was discovered in Mahara 23.04.8 and 24.04.4. Attackers may utilize escalation of privileges in certain cases when logging into Mahara with Learning Tools Interoperability (LTI).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29992 - Mahara Database Connection Information Disclosure
CVE ID : CVE-2025-29992
Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago
Description : Mahara before 24.04.9 exposes database connection information if the database becomes unreachable, e.g., due to the database server being temporarily down or too busy.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50753
Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago
Description : Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh into a restricted default shell.The command "deviceinfo show file" is supposed to be used from restricted shell to show files and directories. By providing " /bin/sh" (quotes included) to the argument of this command will drop a root shell.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55526
Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago
Description : n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the download_workflow function within api_server.py
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8424
Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago
Description : Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9481
Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago
Description : A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function setIpv6 of the file /goform/setIpv6. The manipulation of the argument tunrd_Prefix leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9482
Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago
Description : A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This impacts the function portRangeForwardAdd of the file /goform/portRangeForwardAdd. The manipulation of the argument ruleName/schedule/inboundFilter/TCPPorts/UDPPorts results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9483 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-9483
Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 21 minutes ago
Description : A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function singlePortForwardAdd of the file /goform/singlePortForwardAdd. This manipulation of the argument ruleName/schedule/inboundFilter causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-45753
Published : Aug. 26, 2025, 2:15 p.m. | 2 hours, 11 minutes ago
Description : In Mahara 23.04.8 and 24.04.4, the external RSS feed block can cause XSS if the external feed XML has a malicious value for the link attribute.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8700
Published : Aug. 26, 2025, 1:15 p.m. | 3 hours, 11 minutes ago
Description : Invoice Ninja's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. via a malicious application) to attach a debugger, read or modify the process memory, inject code in the application's context despite being signed with Hardened Runtime and bypass Transparency, Consent, and Control (TCC). Acquired resource access is limited to previously granted permissions by the user. Access to other resources beyond granted permissions requires user interaction with a system prompt asking for permission.
According to Apple documentation, when a non-root user runs an app with the debugging tool entitlement, the system presents an authorization dialog asking for a system administrator's credentials. Since there is no prompt when the target process has "get-task-allow" entitlement, the presence of this entitlement was decided to be treated as a vulnerability because it removes one step needed to perform an attack.
This issue was fixed in version 5.0.175
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9190 - "Cursor macOS Local Privilege Escalation (Unauthenticated Code Execution)"
CVE ID : CVE-2025-9190
Published : Aug. 26, 2025, 1:15 p.m. | 3 hours, 11 minutes ago
Description : The configuration of Cursor on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Cursor TCC (Transparency, Consent, and Control) permissions.
Acquired resource access is limited to previously granted permissions by the user. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of Cursor, potentially disguising attacker's malicious intent.
This issue was detected in 15.4.1 version of Cursor. Project maintainers decided not to fix this issue, because a scenario including a local attacker falls outside their defined threat model.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38676
Published : Aug. 26, 2025, 1:15 p.m. | 1 hour, 21 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
iommu/amd: Avoid stack buffer overflow from kernel cmdline
While the kernel command line is considered trusted in most environments,
avoid writing 1 byte past the end of "acpiid" if the "str" argument is
maximum length.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53811
Published : Aug. 26, 2025, 1:15 p.m. | 1 hour, 21 minutes ago
Description : The configuration of Mosh-Pro on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Mosh-Pro TCC (Transparency, Consent, and Control) permissions.
Acquired resource access is limited to previously granted permissions by the user. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of Mosh-Pro, potentially disguising attacker's malicious intent.
This issue was detected in 1.3.2 version of Mosh-Pro. Since authors did not respond to messages from CNA, patching status is unknown.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53813
Published : Aug. 26, 2025, 1:15 p.m. | 1 hour, 21 minutes ago
Description : The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC (Transparency, Consent, and Control) permissions.
Acquired resource access is limited to previously granted permissions by the user. Access to other resources beyond granted-permissions requires user interaction with a system prompt asking for permission.
This issue was fixed in version 2025.11 of Nozbe.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7775 - Citrix NetScaler Remote Code Execution and Denial of Service Vulnerability
CVE ID : CVE-2025-7775
Published : Aug. 26, 2025, 1:15 p.m. | 1 hour, 21 minutes ago
Description : Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server
(OR)
NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers
(OR)
NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers
(OR)
CR virtual server with type HDX
Severity: 9.2 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7776 - Citrix NetScaler Memory Overflow Denial of Service
CVE ID : CVE-2025-7776
Published : Aug. 26, 2025, 1:15 p.m. | 1 hour, 21 minutes ago
Description : Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8597 - MacVim macOS Local Debugger Bypass
CVE ID : CVE-2025-8597
Published : Aug. 26, 2025, 1:15 p.m. | 1 hour, 21 minutes ago
Description : MacVim's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. via a malicious application) to attach a debugger, read or modify the process memory, inject code in the application's context despite being signed with Hardened Runtime and bypass Transparency, Consent, and Control (TCC). Acquired resource access is limited to previously granted permissions by the user. Access to other resources beyond granted permissions requires user interaction with a system prompt asking for permission.
According to Apple documentation, when a non-root user runs an app with the debugging tool entitlement, the system presents an authorization dialog asking for a system administrator's credentials. Since there is no prompt when the target process has "get-task-allow" entitlement, the presence of this entitlement was decided to be treated as a vulnerability because it removes one step needed to perform an attack.
This issue was fixed in build r181.2
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-1501 - CMC Unauthenticated Access Control Bypass
CVE ID : CVE-2025-1501
Published : Aug. 26, 2025, 11:15 a.m. | 3 hours, 21 minutes ago
Description : An access control vulnerability was discovered in the Request Trace and Download Trace functionalities of CMC before 25.1.0 due to a specific access restriction not being properly enforced for users with limited privileges. An authenticated user with limited privileges can request and download trace files due to improper access restrictions, potentially exposing unauthorized network data.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-44002
Published : Aug. 26, 2025, 11:15 a.m. | 3 hours, 21 minutes ago
Description : Race Condition in the Directory Validation Logic in the TeamViewer Full Client and Host prior version 15.69 on Windows allows a local non-admin user to create arbitrary files with SYSTEM privileges, potentially leading to a denial-of-service condition, via symbolic link manipulation during directory verification.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29901 - Asustor File Station NULL Pointer Dereference Denial of Service
CVE ID : CVE-2025-29901
Published : Aug. 26, 2025, 10:15 a.m. | 4 hours, 21 minutes ago
Description : A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4933 and later
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-48108 - Mojoomla School Management Missing Authorization Vulnerability
CVE ID : CVE-2025-48108
Published : Aug. 26, 2025, 10:15 a.m. | 4 hours, 21 minutes ago
Description : Missing Authorization vulnerability in Mojoomla School Management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects School Management: from n/a through 93.2.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6247
Published : Aug. 26, 2025, 9:15 a.m. | 5 hours, 21 minutes ago
Description : The WordPress Automatic Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.118.0. This is due to missing or incorrect nonce validation on one of its functions. This makes it possible for unauthenticated attackers to update campaigns and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53418
Published : Aug. 26, 2025, 7:15 a.m. | 7 hours, 21 minutes ago
Description : Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53419
Published : Aug. 26, 2025, 7:15 a.m. | 7 hours, 21 minutes ago
Description : Delta Electronics COMMGR has Code Injection vulnerability.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57704 - Delta Electronics EIP Builder XML External Entity Information Disclosure
CVE ID : CVE-2025-57704
Published : Aug. 26, 2025, 7:15 a.m. | 7 hours, 21 minutes ago
Description : Delta Electronics EIP Builder version 1.11 is vulnerable to a File Parsing XML External Entity Processing Information Disclosure Vulnerability.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-8860 - Tourfic for WordPress Unauthenticated Data Modification Vulnerability
CVE ID : CVE-2024-8860
Published : Aug. 26, 2025, 7:15 a.m. | 7 hours, 3 minutes ago
Description : The Tourfic plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tf_order_status_email_resend_function, tf_visitor_details_edit_function, tf_checkinout_details_edit_function, tf_order_status_edit_function, tf_order_bulk_action_edit_function, tf_remove_room_order_ids, and tf_delete_old_review_fields functions in all versions up to, and including, 2.14.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to resend order status emails, update visitor/order details, edit check-in/out details, edit order status, perform bulk order status updates, remove room order IDs, and delete old review fields, respectively.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Les derniers articles scientifiques co-écrits par des agents issus des labos de l’ANSSI
Les derniers articles scientifiques co-écrits par des agents issus des labos de l’ANSSI
anssiadm
Découvrez les parutions scientifiques les plus récentes auxquelles ont pris part différents agents de l’ANSSI issus des laboratoires de la division Scientifique et Technique (DST).
Pour mener à bien ses missions, l’ANSSI se doit d'entretenir au sein de ses équipes un niveau élevé d’expertise dans l’ensemble des domaines scientifiques et techniques pertinents pour son action. La pratique de la recherche est essentielle pour maintenir et développer l’expertise et les connaissances qui font la réputation de l’ANSSI.
Nos agents publient des articles de recherche dans des revues scientifiques, présentent leurs travaux dans des conférences nationales ou internationales, et échangent régulièrement avec leurs pairs dans des colloques.
Ces contributions, nombreuses, relèvent de domaines aussi variés que la cryptographie, les attaques par canaux auxiliaires, les interférences électromagnétiques, la sécurité des langages ou encore la sécurité des architectures informatiques fixes ou mobiles. Elles permettent aux agents de l’ANSSI d’entretenir leur expertise et d’être reconnus au sein des diverses communautés scientifiques.
Découvrez ci-dessous les derniers articles scientifiques auxquels ont participé les agents issus des différents laboratoires de l’ANSSI qui constituent la division Scientifique et Technique (DST) :
« A Tale of Two Worlds, a Formal Story of WireGuard Hybridization » (à lire ici)
Cet article concerne la thématique de la cryptographie post-quantique.
Il a été co-écrit par Sylvain Ruhault (ANSSI), Abdul Rahman Taleb (ANSSI), Pascal Lafourcade (Université Clermont Auvergne) et Dhekra Mahmoud (Université Clermont Auvergne).
Il a été présenté lors de la 34e conférence Usenix Security Symposium qui s’est déroulée à Seattle, aux Etats-Unis, du 13 au 15 août 2025.
« A Comprehensive Formal Security Analysis of OPC UA » (à lire ici)
Cet article concerne la sécurisation des systèmes industriels.
Il a été co-écrit par Vincent Diemunsch (ANSSI et Université de Lorraine), Lucca Hirschi (Université de Lorraine) et Steve Kremer (Université de Lorraine)
Il a été présenté lors de la 34e conférence Usenix Security Symposium qui s’est déroulée à Seattle, aux Etats-Unis, du 13 au 15 août 2025.
Cet article présente une amélioration des meilleures attaques algébriques connues contre diverses primitives symétriques orientées arithmétisation et notamment de la « FreeLunch attack » qui avait été publiée par Augustin Bariant (ANSSI) à la précédente édition de la conférence CRYPTO en 2024.
Il a été co-écrit par Augustin Bariant (ANSSI), Aurélien Bœuf (INRIA), Pierre Briaud (Simula UiB, Norvège), Maël Hostettler (Télécom SudParis), Morten Øygarden (Simula UiB, Norvège) et Havard Raddum (Simula UiB, Norvège).
Il a été présenté au cours de la conférence CRYPTO 2025 qui s’est déroulée à Santa Barbara, aux Etats-Unis, du 17 au 21 août 2025.
Cet article propose une nouvelle méthode d’analyse par canaux auxiliaires utilisant des réseaux de neurone.
Il a été co-écrit par Benoit Gérard (ANSSI), Guénaël Renault (ANSSI), Sana Boussam (Thales), Mathieu Carbone (Thales) et Gabriel Zaid (Thales).
Il sera présenté au cours de la conférence on Cryptographic Hardware and Embedded Systems (CHES) 2025 qui se tiendra à Kuala Lumpur, en Malaisie, du 14 au 18 septembre 2025.
CVE ID : CVE-2025-41702
Published : Aug. 26, 2025, 6:15 a.m. | 8 hours, 3 minutes ago
Description : The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An unauthenticated remote attacker can generate valid HS256 tokens and bypass authentication/authorization due to the use of hard-coded cryptographic key.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9475 - SourceCodester Human Resource Information System Unrestricted File Upload Vulnerability
CVE ID : CVE-2025-9475
Published : Aug. 26, 2025, 6:15 a.m. | 8 hours, 3 minutes ago
Description : A flaw has been found in SourceCodester Human Resource Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /Admin_Dashboard/process/editemployee_process.php. This manipulation of the argument employee_file201 causes unrestricted upload. The attack may be initiated remotely. The exploit has been published and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9476 - SourceCodester Human Resource Information System Unrestricted File Upload Vulnerability
CVE ID : CVE-2025-9476
Published : Aug. 26, 2025, 6:15 a.m. | 8 hours, 3 minutes ago
Description : A vulnerability has been found in SourceCodester Human Resource Information System 1.0. Affected by this issue is some unknown functionality of the file /Superadmin_Dashboard/process/editemployee_process.php. Such manipulation of the argument employee_file201 leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5931 - Dokan Pro WordPress Privilege Escalation via Account Takeover
CVE ID : CVE-2025-5931
Published : Aug. 26, 2025, 5:15 a.m. | 9 hours, 3 minutes ago
Description : The Dokan Pro plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.5. This is due to the plugin not properly validating a user's identity prior to updating their password during a staff password reset. This makes it possible for authenticated attackers, with vendor-level access and above, to elevate their privilege to the level of a staff member and then change arbitrary user passwords, including those of administrators in order to gain access to their accounts. By default, the plugin allows customers to become vendors.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9472 - iSourcecode Apartment Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9472
Published : Aug. 26, 2025, 5:15 a.m. | 9 hours, 3 minutes ago
Description : A vulnerability was found in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /owner_utility/add_owner_utility.php. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9473 - SourceCodester Online Bank Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9473
Published : Aug. 26, 2025, 5:15 a.m. | 9 hours, 3 minutes ago
Description : A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. This impacts an unknown function of the file /feedback.php. The manipulation of the argument msg leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9474 - Mihomo Party Local File Inclusion Vulnerability
CVE ID : CVE-2025-9474
Published : Aug. 26, 2025, 5:15 a.m. | 9 hours, 3 minutes ago
Description : A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in creation of temporary file with insecure permissions. The attack requires a local approach. This attack is characterized by high complexity. The exploitability is told to be difficult. The exploit is now public and may be used.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9471 - iSourcecode Apartment Management System SQL Injection
CVE ID : CVE-2025-9471
Published : Aug. 26, 2025, 4:16 a.m. | 10 hours, 3 minutes ago
Description : A vulnerability has been found in itsourcecode Apartment Management System 1.0. This vulnerability affects unknown code of the file /maintenance/add_maintenance_cost.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9470 - iSourcecode Apartment Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9470
Published : Aug. 26, 2025, 4:16 a.m. | 8 hours, 51 minutes ago
Description : A flaw has been found in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /management/add_m_committee.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9172
Published : Aug. 26, 2025, 4:15 a.m. | 8 hours, 51 minutes ago
Description : The Vibes plugin for WordPress is vulnerable to time-based SQL Injection via the ‘resource’ parameter in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9468 - iSourcecode Apartment Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9468
Published : Aug. 26, 2025, 4:15 a.m. | 8 hours, 51 minutes ago
Description : A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /bill/add_bill.php. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9469 - iSourcecode Apartment Management System SQL Injection
CVE ID : CVE-2025-9469
Published : Aug. 26, 2025, 4:15 a.m. | 8 hours, 51 minutes ago
Description : A vulnerability was detected in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /fund/add_fund.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9443
Published : Aug. 26, 2025, 3:15 a.m. | 9 hours, 51 minutes ago
Description : A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability affects the function formeditUserName of the file /goform/editUserName. Executing manipulation of the argument new_account can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9444 - "1000projects Online Project Report Submission and Evaluation System SQL Injection Vulnerability"
CVE ID : CVE-2025-9444
Published : Aug. 26, 2025, 3:15 a.m. | 9 hours, 51 minutes ago
Description : A vulnerability has been found in 1000projects Online Project Report Submission and Evaluation System 1.0. This issue affects some unknown processing of the file /admin/controller/delete_group_student.php. The manipulation of the argument batch_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9461 - Diyhi BBS File Compression Handler Information Disclosure Vulnerability
CVE ID : CVE-2025-9461
Published : Aug. 26, 2025, 3:15 a.m. | 9 hours, 51 minutes ago
Description : A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9440 - Apache 1000projects Online Project Report Submission and Evaluation System Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-9440
Published : Aug. 26, 2025, 2:15 a.m. | 10 hours, 51 minutes ago
Description : A security vulnerability has been detected in 1000projects Online Project Report Submission and Evaluation System 1.0. Affected by this issue is some unknown functionality of the file /admin/add_title.php. Such manipulation of the argument Title leads to cross site scripting. The attack may be performed from a remote location. The exploit has been disclosed publicly and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9438 - 1000projects Online Project Report Submission and Evaluation System Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-9438
Published : Aug. 26, 2025, 2:15 a.m. | 8 hours, 48 minutes ago
Description : A security flaw has been discovered in 1000projects Online Project Report Submission and Evaluation System 1.0. Affected is an unknown function of the file /admin/add_student.php. The manipulation of the argument address results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be exploited.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9439 - Apache 1000projects Online Project Report Submission and Evaluation System Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-9439
Published : Aug. 26, 2025, 2:15 a.m. | 8 hours, 48 minutes ago
Description : A weakness has been identified in 1000projects Online Project Report Submission and Evaluation System 1.0. Affected by this vulnerability is an unknown functionality of the file /rse/admin/edit_faculty.php?id=2. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8447 - GitHub Enterprise Server Code Access Bypass
CVE ID : CVE-2025-8447
Published : Aug. 26, 2025, 2:15 a.m. | 6 hours, 45 minutes ago
Description : An improper access control vulnerability was identified in GitHub Enterprise Server that allowed users with access to any repository to retrieve limited code content from another repository by creating a diff between the repositories. To exploit this vulnerability, an attacker needed to know the name of a private repository along with its branches, tags, or commit SHAs that they could use to trigger compare/diff functionality and retrieve limited code without proper authorization. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.18, and was fixed in versions 3.14.17, 3.15.12, 3.16.8 and 3.17.5. This vulnerability was reported via the GitHub Bug Bounty program.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9433
Published : Aug. 26, 2025, 2:15 a.m. | 6 hours, 45 minutes ago
Description : A vulnerability was found in mtons mblog up to 3.5.0. The impacted element is an unknown function of the file /admin/user/list of the component Admin Panel. Performing manipulation of the argument Name results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9434 - "1000projects Online Project Report Submission and Evaluation System Cross-Site Scripting Vulnerability"
CVE ID : CVE-2025-9434
Published : Aug. 26, 2025, 2:15 a.m. | 6 hours, 45 minutes ago
Description : A vulnerability was determined in 1000projects Online Project Report Submission and Evaluation System 1.0. This affects an unknown function of the file /admin/edit_title.php?id=1. Executing manipulation of the argument desc can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9430
Published : Aug. 26, 2025, 1:15 a.m. | 5 hours, 3 minutes ago
Description : A vulnerability was detected in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /admin/options/update. The manipulation of the argument input results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9431
Published : Aug. 26, 2025, 1:15 a.m. | 5 hours, 3 minutes ago
Description : A flaw has been found in mtons mblog up to 3.5.0. Impacted is an unknown function of the file /search. This manipulation of the argument kw causes cross site scripting. The attack can be initiated remotely. The exploit has been published and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9432 - Mtons MBlog Cross Site Scripting Vulnerability
CVE ID : CVE-2025-9432
Published : Aug. 26, 2025, 1:15 a.m. | 5 hours, 3 minutes ago
Description : A vulnerability has been found in mtons mblog up to 3.5.0. The affected element is an unknown function of the file /admin/post/list of the component Admin Panel. Such manipulation of the argument Title leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9429 - Mtons Mblog Cross Site Scripting Vulnerability
CVE ID : CVE-2025-9429
Published : Aug. 26, 2025, 12:15 a.m. | 6 hours, 3 minutes ago
Description : A security vulnerability has been detected in mtons mblog up to 3.5.0. This vulnerability affects unknown code of the file /post/submit of the component Post Handler. The manipulation of the argument content/title/ leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9424
Published : Aug. 25, 2025, 11:15 p.m. | 7 hours, 3 minutes ago
Description : A vulnerability was identified in Ruijie WS7204-A 2017.06.15. Affected by this vulnerability is an unknown functionality of the file /itbox_pi/branch_import.php?a=branch_list. Such manipulation of the argument province leads to os command injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9425 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9425
Published : Aug. 25, 2025, 11:15 p.m. | 7 hours, 3 minutes ago
Description : A security flaw has been discovered in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /enquiry.php. Performing manipulation of the argument pid results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9426 - iSourcecode Online Tour and Travel Management System SQL Injection
CVE ID : CVE-2025-9426
Published : Aug. 25, 2025, 11:15 p.m. | 7 hours, 3 minutes ago
Description : A weakness has been identified in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /package.php. Executing manipulation of the argument subcatid can lead to sql injection. The attack may be performed from a remote location. The exploit has been made available to the public and could be exploited.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9423 - Campcodes Online Water Billing System SQL Injection
CVE ID : CVE-2025-9423
Published : Aug. 25, 2025, 11:15 p.m. | 5 hours, 16 minutes ago
Description : A vulnerability was determined in Campcodes Online Water Billing System 1.0. Affected is an unknown function of the file /editecex.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9420 - iSourcecode Apartment Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9420
Published : Aug. 25, 2025, 10:15 p.m. | 6 hours, 16 minutes ago
Description : A flaw has been found in itsourcecode Apartment Management System 1.0. The impacted element is an unknown function of the file /floor/addfloor.php. Executing manipulation of the argument hdnid can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9421 - iSourcecode Apartment Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9421
Published : Aug. 25, 2025, 10:15 p.m. | 6 hours, 16 minutes ago
Description : A vulnerability has been found in itsourcecode Apartment Management System 1.0. This affects an unknown function of the file /complain/addcomplain.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9422 - Samarium OITcode Team Image Handler Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-9422
Published : Aug. 25, 2025, 10:15 p.m. | 6 hours, 16 minutes ago
Description : A vulnerability was found in oitcode samarium up to 0.9.6. This impacts an unknown function of the file /dashboard/team of the component Team Image Handler. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit has been made public and could be used.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57805
Published : Aug. 25, 2025, 10:15 p.m. | 6 hours, 5 minutes ago
Description : The Scratch Channel is a news website. In versions 1 and 1.1, a POST request to the endpoint used to publish articles, can be used to post an article in any category with any date, regardless of who's logged in. This issue has been patched in version 1.2.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57809
Published : Aug. 25, 2025, 10:15 p.m. | 6 hours, 5 minutes ago
Description : XGrammar is an open-source library for efficient, flexible, and portable structured generation. Prior to version 0.1.21, XGrammar has an infinite recursion issue in the grammar. This issue has been resolved in version 0.1.21.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57814
Published : Aug. 25, 2025, 10:15 p.m. | 6 hours, 5 minutes ago
Description : request-filtering-agent is an http(s).Agent implementation that blocks requests to Private/Reserved IP addresses. Versions 1.x.x and earlier contain a vulnerability where HTTPS requests to 127.0.0.1 bypass IP address filtering, while HTTP requests are correctly blocked. This allows attackers to potentially access internal HTTPS services running on localhost, bypassing the library's SSRF protection. The vulnerability is particularly dangerous when the application accepts user-controlled URLs and internal services are only protected by network-level restrictions. This vulnerability has been fixed in request-filtering-agent version 2.0.0. Users should upgrade to version 2.0.0 or later.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8627
Published : Aug. 25, 2025, 10:15 p.m. | 6 hours, 5 minutes ago
Description : The TP-Link KP303 Smartplug can be issued unauthenticated protocol commands that may cause unintended power-off condition and potential information leak.
This issue affects TP-Link KP303 (US) Smartplug: before 1.1.0.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9419 - iSourcecode Apartment Management System SQL Injection
CVE ID : CVE-2025-9419
Published : Aug. 25, 2025, 9:15 p.m. | 7 hours, 5 minutes ago
Description : A vulnerability was detected in itsourcecode Apartment Management System 1.0. The affected element is an unknown function of the file /unit/addunit.php. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57804
Published : Aug. 25, 2025, 9:15 p.m. | 5 hours, 4 minutes ago
Description : h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/2 request splitting vulnerability allows attackers to perform request smuggling attacks by injecting CRLF characters into headers. This occurs when servers downgrade HTTP/2 requests to HTTP/1.1 without properly validating header names/values, enabling attackers to manipulate request boundaries and bypass security controls. This issue has been patched in version 4.3.0.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6188 - Arista EOS UDP Port 3503 Remote Denial of Service and Authentication Bypass
CVE ID : CVE-2025-6188
Published : Aug. 25, 2025, 9:15 p.m. | 5 hours, 4 minutes ago
Description : On affected platforms running Arista EOS, maliciously formed UDP packets with source port 3503 may be accepted by EOS. UDP Port 3503 is associated with LspPing Echo Reply. This can result in unexpected behaviors, especially for UDP based services that do not perform some form of authentication.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9418 - itsourcecode Apartment Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9418
Published : Aug. 25, 2025, 9:15 p.m. | 5 hours, 4 minutes ago
Description : A security vulnerability has been detected in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /owner/addowner.php. Such manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3456 - Arista EOS Clear Text Encryption Key Disclosure
CVE ID : CVE-2025-3456
Published : Aug. 25, 2025, 8:15 p.m. | 6 hours, 4 minutes ago
Description : On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting logs. Knowledge of both the encryption key and protocol specific encrypted secrets from the device running-config could then be used to obtain protocol specific passwords in cases where symmetric passwords are required between devices with neighbor protocol relationships.
Severity: 3.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52130
Published : Aug. 25, 2025, 8:15 p.m. | 6 hours, 4 minutes ago
Description : File upload vulnerability in WebErpMesv2 1.17 in the app/Http/Controllers/FactoryController.php controller. This flaw allows an authenticated attacker to upload arbitrary files, including PHP scripts, which can be accessed via direct GET requests, potentially resulting in remote code execution (RCE) on the web server.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9416
Published : Aug. 25, 2025, 8:15 p.m. | 6 hours, 4 minutes ago
Description : A security flaw has been discovered in oitcode samarium up to 0.9.6. This vulnerability affects unknown code of the file /cms/webpage/ of the component Pages Image Handler. The manipulation results in cross site scripting. The attack may be performed from a remote location. The exploit has been released to the public and may be exploited.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9417 - iSourcecode Apartment Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9417
Published : Aug. 25, 2025, 8:15 p.m. | 6 hours, 4 minutes ago
Description : A weakness has been identified in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /employee/addemployee.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9414
Published : Aug. 25, 2025, 7:15 p.m. | 7 hours, 4 minutes ago
Description : A vulnerability was found in kalcaddle kodbox 1.61. Affected by this vulnerability is an unknown functionality of the file /?explorer/upload/serverDownload of the component Download from Link Handler. Performing manipulation of the argument url results in server-side request forgery. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9415
Published : Aug. 25, 2025, 7:15 p.m. | 7 hours, 4 minutes ago
Description : A vulnerability was identified in GreenCMS up to 2.3.0603. This affects an unknown part of the file /index.php?m=admin&c=media&a=fileconnect. The manipulation of the argument upload[] leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57802 - Airlink Docker Bind Mount Symlink Privilege Escalation Vulnerability
CVE ID : CVE-2025-57802
Published : Aug. 25, 2025, 6:15 p.m. | 6 hours, 2 minutes ago
Description : Airlink's Daemon interfaces with Docker and the Panel to provide secure access for controlling instances via the Panel. In version 1.0.0, an attacker with access to the affected container can create symbolic links inside the mounted directory (/app/data). Because the container bind-mounts an arbitrary host path, these symlinks can point to sensitive locations on the host filesystem. When the application or other processes follow these symlinks, the attacker can gain unauthorized read access to host files outside the container. This issue has been patched in version 1.0.1.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57811
Published : Aug. 25, 2025, 6:15 p.m. | 6 hours, 2 minutes ago
Description : Craft is a platform for creating digital experiences. From versions 4.0.0-RC1 to 4.16.5 and 5.0.0-RC1 to 5.8.6, there is a potential remote code execution vulnerability via Twig SSTI (Server-Side Template Injection). This is a follow-up to CVE-2024-52293. This vulnerability has been patched in versions 4.16.6 and 5.8.7.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9412
Published : Aug. 25, 2025, 6:15 p.m. | 6 hours, 2 minutes ago
Description : A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This affects the function SelectListByPage of the file modules/system/dao/DictDataDao.go. The manipulation of the argument orderByColumn/isAsc results in sql injection. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9413
Published : Aug. 25, 2025, 6:15 p.m. | 6 hours, 2 minutes ago
Description : A flaw has been found in lostvip-com ruoyi-go up to 2.1. This impacts the function SelectListByPage of the file modules/system/system_router.go. This manipulation of the argument orderByColumn/isAsc causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50383
Published : Aug. 25, 2025, 6:15 p.m. | 4 hours, 6 minutes ago
Description : alextselegidis Easy!Appointments v1.5.1 was discovered to contain a SQL injection vulnerability via the order_by parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29420
Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago
Description : PerfreeBlog v4.0.11 has a directory traversal vulnerability in the getThemeFilesByName function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29421
Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago
Description : PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the getThemeFileContent function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50722
Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago
Description : Insecure Permissions vulnerability in sparkshop v.1.1.7 allows a remote attacker to execute arbitrary code via the Common.php component
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53120
Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago
Description : A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor to upload binaries and scripts to the server’s configuration and web root directories, achieving remote code execution on the Unified PAM server.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57760
Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago
Description : Langflow is a tool for building and deploying AI-powered agents and workflows. A privilege escalation vulnerability exists in Langflow containers where an authenticated user with RCE access can invoke the internal CLI command langflow superuser to create a new administrative user. This results in full superuser access, even if the user initially registered through the UI as a regular (non-admin) account. A patched version has not been made public at this time.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57772
Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago
Description : DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.12, there is a H2 JDBC RCE bypass in DataEase. If the JDBC URL meets criteria, the getJdbcUrl method is returned, which acts as the getter for the JdbcUrl parameter provided. This bypasses H2's filtering logic and returns the H2 JDBC URL, allowing the "driver":"org.h2.Driver" to specify the H2 driver for the JDBC connection. The vulnerability has been fixed in version 2.10.12.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57773
Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago
Description : DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.12, because DB2 parameters are not filtered, a JNDI injection attack can be directly launched. JNDI triggers an AspectJWeaver deserialization attack, writing to various files. This vulnerability requires commons-collections 4.x and aspectjweaver-1.9.22.jar. The vulnerability has been fixed in version 2.10.12.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6737
Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago
Description : Securden’s Unified PAM Remote Vendor Gateway access portal shares infrastructure and access tokens across multiple tenants. A malicious actor can obtain authentication material and access the gateway server with low-privilege permissions.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9410
Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago
Description : A weakness has been identified in lostvip-com ruoyi-go up to 2.1. The affected element is the function SelectListByPage of the file modules/system/dao/GenTableDao.go. Executing manipulation of the argument isAsc/orderByColumn can lead to sql injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9411
Published : Aug. 25, 2025, 5:15 p.m. | 5 hours, 6 minutes ago
Description : A security vulnerability has been detected in lostvip-com ruoyi-go up to 2.1. The impacted element is the function SelectPageList of the file modules/system/service/LoginInforService.go. The manipulation of the argument isAsc leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46411 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-46411
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48005
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A heap-based buffer overflow vulnerability exists in the RHS2000 parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted RHS2000 file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52461
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : An out-of-bounds read vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted .nex file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52581 - The Biosig Project libbiosig Arbitrary Code Execution Vulnerability
CVE ID : CVE-2025-52581
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted GDF file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53511 - The Biosig Project libbiosig Heap-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-53511
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53518 - The Biosig Project libbiosig Arbitrary Code Execution Vulnerability
CVE ID : CVE-2025-53518
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : An integer overflow vulnerability exists in the ABF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted ABF file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53557
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A heap-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53853
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A heap-based buffer overflow vulnerability exists in the ISHNE parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted ISHNE ECG annotations file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54370
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : PhpOffice/PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to versions 1.30.0, 2.1.12, 2.4.0, 3.10.0, and 5.0.0, SSRF can occur when a processed HTML document is read and displayed in the browser. The vulnerability lies in the setPath method of the PhpOffice\PhpSpreadsheet\Worksheet\Drawing class, where a crafted string from the user is passed to the HTML reader. This issue has been patched in versions 1.30.0, 2.1.12, 2.4.0, 3.10.0, and 5.0.0.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54462
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A heap-based buffer overflow vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted .nex file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54480 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-54480
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8719 of biosig.c on the current master branch (35a819fa), when the Tag is 0:
if (tag==0) {
if (len!=1) fprintf(stderr,"Warning MFER tag0 incorrect length %i!=1\n",len);
curPos += ifread(buf,1,len,hdr);
}
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54481
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8744 of biosig.c on the current master branch (35a819fa), when the Tag is 3:
else if (tag==3) {
// character code
char v[17]; // [1]
if (len>16) fprintf(stderr,"Warning MFER tag2 incorrect length %i>16\n",len);
curPos += ifread(&v,1,len,hdr);
v[len] = 0;
In this case, the overflowed buffer is the newly-declared `v` \[1\] instead of `buf`. Since `v` is only 17 bytes large, much smaller values of `len` (even those encoded using a single octet) can trigger an overflow in this code path.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54482 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-54482
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8751 of biosig.c on the current master branch (35a819fa), when the Tag is 4:
else if (tag==4) {
// SPR
if (len>4) fprintf(stderr,"Warning MFER tag4 incorrect length %i>4\n",len);
curPos += ifread(buf,1,len,hdr);
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54483 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-54483
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8759 of biosig.c on the current master branch (35a819fa), when the Tag is 5:
else if (tag==5) //0x05: number of channels
{
uint16_t oldNS=hdr->NS;
if (len>4) fprintf(stderr,"Warning MFER tag5 incorrect length %i>4\n",len);
curPos += ifread(buf,1,len,hdr);
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54484
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8779 of biosig.c on the current master branch (35a819fa), when the Tag is 6:
else if (tag==6) // 0x06 "number of sequences"
{
// NRec
if (len>4) fprintf(stderr,"Warning MFER tag6 incorrect length %i>4\n",len);
curPos += ifread(buf,1,len,hdr);
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54485
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8785 of biosig.c on the current master branch (35a819fa), when the Tag is 8:
else if (tag==8) {
if (len>2) fprintf(stderr,"Warning MFER tag8 incorrect length %i>2\n",len);
curPos += ifread(buf,1,len,hdr);
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54486 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-54486
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8824 of biosig.c on the current master branch (35a819fa), when the Tag is 11:
else if (tag==11) //0x0B
{
// Fs
if (len>6) fprintf(stderr,"Warning MFER tag11 incorrect length %i>6\n",len);
double fval;
curPos += ifread(buf,1,len,hdr);
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54487
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8842 of biosig.c on the current master branch (35a819fa), when the Tag is 12:
else if (tag==12) //0x0C
{
// sampling resolution
if (len>6) fprintf(stderr,"Warning MFER tag12 incorrect length %i>6\n",len);
val32 = 0;
int8_t v8;
curPos += ifread(&UnitCode,1,1,hdr);
curPos += ifread(&v8,1,1,hdr);
curPos += ifread(buf,1,len-2,hdr);
In addition to values of `len` greater than 130 triggering a buffer overflow, a value of `len` smaller than 2 will also trigger a buffer overflow due to an integer underflow when computing `len-2` in this code path.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54488 - "The Biosig Project libbiosig Stack-Based Buffer Overflow"
CVE ID : CVE-2025-54488
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8850 of biosig.c on the current master branch (35a819fa), when the Tag is 13:
else if (tag==13) {
if (len>8) fprintf(stderr,"Warning MFER tag13 incorrect length %i>8\n",len);
curPos += ifread(&buf,1,len,hdr);
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54489
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 8970 of biosig.c on the current master branch (35a819fa), when the Tag is 63:
else if (tag==63) {
uint8_t tag2=255, len2=255;
count = 0;
while ((countSeverity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54490 - The Biosig Project libbiosig Stack-Based Buffer Overflow
CVE ID : CVE-2025-54490
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 9090 of biosig.c on the current master branch (35a819fa), when the Tag is 64:
else if (tag==64) //0x40
{
// preamble
char tmp[256]; // [1]
curPos += ifread(tmp,1,len,hdr);
In this case, the overflowed buffer is the newly-declared `tmp` \[1\] instead of `buf`. While `tmp` is larger than `buf`, having a size of 256 bytes, a stack overflow can still occur in cases where `len` is encoded using multiple octets and is greater than 256.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54491 - The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-54491
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 9191 of biosig.c on the current master branch (35a819fa), when the Tag is 65:
else if (tag==65) //0x41: patient event
{
// event table
curPos += ifread(buf,1,len,hdr);
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54492
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 9141 of biosig.c on the current master branch (35a819fa), when the Tag is 67:
else if (tag==67) //0x43: Sample skew
{
int skew=0; // [1]
curPos += ifread(&skew, 1, len,hdr);
In this case, the address of the newly-defined integer `skew` \[1\] is overflowed instead of `buf`. This means a stack overflow can occur using much smaller values of `len` in this code path.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54493
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 9184 of biosig.c on the current master branch (35a819fa), when the Tag is 131:
else if (tag==131) //0x83
{
// Patient Age
if (len!=7) fprintf(stderr,"Warning MFER tag131 incorrect length %i!=7\n",len);
curPos += ifread(buf,1,len,hdr);
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54494
Published : Aug. 25, 2025, 2:15 p.m. | 7 hours, 30 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.This vulnerability manifests on line 9205 of biosig.c on the current master branch (35a819fa), when the Tag is 133:
else if (tag==133) //0x85
{
curPos += ifread(buf,1,len,hdr);
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9407
Published : Aug. 25, 2025, 11:15 a.m. | 3 hours, 6 minutes ago
Description : A flaw has been found in mtons mblog up to 3.5.0. Affected by this vulnerability is an unknown functionality of the file /settings/profile. Executing manipulation of the argument signature can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used. Other parameters might be affected as well.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-48303 - Kevin Langley Jr. Post Type Converter CSRF Vulnerability
CVE ID : CVE-2025-48303
Published : Aug. 25, 2025, 10:15 a.m. | 4 hours, 6 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Kevin Langley Jr. Post Type Converter allows Cross-Site Request Forgery.This issue affects Post Type Converter: from n/a through 0.6.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8562
Published : Aug. 25, 2025, 10:15 a.m. | 4 hours, 6 minutes ago
Description : The Custom Query Shortcode plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 0.4.0 via the 'lens' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to read the contents of files on the server, which can contain sensitive information.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7426 - Mnova TTA FTP Debug Port Authentication Bypass Information Disclosure
CVE ID : CVE-2025-7426
Published : Aug. 25, 2025, 9:15 a.m. | 5 hours, 6 minutes ago
Description : Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of automated business processes (e.g. EDI or data integration), this could lead to data manipulation, extraction, or abuse. Debug ports 1602, 1603 and 1636 also expose service architecture information and system activity logs
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5191
Published : Aug. 25, 2025, 8:15 a.m. | 6 hours, 6 minutes ago
Description : An Unquoted Search Path vulnerability has been identified in the utility for Moxa’s industrial computers (Windows). Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable could be run with SYSTEM privileges. Successful exploitation could allow privilege escalation or enable an attacker to maintain persistence on the affected system. While successful exploitation can severely impact the confidentiality, integrity, and availability of the affected device itself, there is no loss of confidentiality, integrity, or availability within any subsequent systems.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54300
Published : Aug. 25, 2025, 7:15 a.m. | 7 hours, 6 minutes ago
Description : A stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla was discovered. The SVG upload feature does not sanitize uploads.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54301
Published : Aug. 25, 2025, 7:15 a.m. | 7 hours, 6 minutes ago
Description : A stored XSS vulnerability in Quantum Manager component 1.0.0-3.2.0 for Joomla was discovered. File names are not properly escaped.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8997 - OpenText Enterprise Security Manager Information Exposure Vulnerability
CVE ID : CVE-2025-8997
Published : Aug. 25, 2025, 7:15 a.m. | 7 hours, 6 minutes ago
Description : An Information Exposure vulnerability has been identified in OpenText Enterprise Security Manager. The vulnerability could be remotely exploited.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9118 - Google Cloud Dataform Path Traversal Vulnerability
CVE ID : CVE-2025-9118
Published : Aug. 25, 2025, 7:15 a.m. | 7 hours, 6 minutes ago
Description : A path traversal vulnerability in the NPM package installation process of Google Cloud Dataform allows a remote attacker to read and write files in other customers' repositories via a maliciously crafted package.json file.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5514 - Mitsubishi Electric Corporation MELSEC iQ-F Series CPU Module HTTP Request Delay Denial of Service Vulnerability
CVE ID : CVE-2025-5514
Published : Aug. 25, 2025, 6:15 a.m. | 8 hours, 6 minutes ago
Description : Improper Handling of Length Parameter Inconsistency vulnerability in web server function on Mitsubishi Electric Corporation MELSEC iQ-F Series CPU module allows a remote unauthenticated attacker to delay the processing of the web server function and prevent legitimate users from utilizing the web server function, by sending a specially crafted HTTP request.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9405
Published : Aug. 25, 2025, 4:15 a.m. | 10 hours, 6 minutes ago
Description : A security flaw has been discovered in Open5GS up to 2.7.5. The impacted element is the function gmm_state_exception of the file src/amf/gmm-sm.c. The manipulation results in reachable assertion. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. The patch is identified as 8e5fed16114f2f5e40bee1b161914b592b2b7b8f. Applying a patch is advised to resolve this issue.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9406
Published : Aug. 25, 2025, 4:15 a.m. | 10 hours, 5 minutes ago
Description : A weakness has been identified in xuhuisheng lemon up to 1.13.0. This affects the function uploadImage of the file CmsArticleController.java of the component com.mossle.cms.web.CmsArticleController.uploadImage. This manipulation of the argument Upload causes unrestricted upload. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9403 - "jqlang jq JSON Parser Local Assertion Vulnerability"
CVE ID : CVE-2025-9403
Published : Aug. 25, 2025, 3:15 a.m. | 11 hours, 6 minutes ago
Description : A vulnerability was determined in jqlang jq up to 1.6. Impacted is the function run_jq_tests of the file jq_test.c of the component JSON Parser. Executing manipulation can lead to reachable assertion. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Other versions might be affected as well.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9404
Published : Aug. 25, 2025, 3:15 a.m. | 11 hours, 6 minutes ago
Description : A vulnerability was identified in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file /pointHierarchySLTS of the component Folder Handler. The manipulation of the argument Title leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9402
Published : Aug. 25, 2025, 2:15 a.m. | 12 hours, 6 minutes ago
Description : A vulnerability was found in HuangDou UTCMS 9. This issue affects some unknown processing of the file app/modules/ut-frame/admin/update.php of the component Config Handler. Performing manipulation of the argument UPDATEURL results in server-side request forgery. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9399
Published : Aug. 25, 2025, 1:15 a.m. | 13 hours, 6 minutes ago
Description : A vulnerability was detected in YiFang CMS up to 2.0.5. Affected by this issue is some unknown functionality of the file app/logic/L_tool.php. The manipulation of the argument new_url results in sql injection. The attack may be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9400
Published : Aug. 25, 2025, 1:15 a.m. | 13 hours, 6 minutes ago
Description : A flaw has been found in YiFang CMS up to 2.0.5. This affects the function mergeMultipartUpload of the file app/utils/base/plugin/P_file.php. This manipulation of the argument File causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9401
Published : Aug. 25, 2025, 1:15 a.m. | 13 hours, 6 minutes ago
Description : A vulnerability has been found in HuangDou UTCMS 9. This vulnerability affects unknown code of the file app/modules/ut-frame/admin/login.php of the component Login. Such manipulation of the argument code leads to incorrect comparison. The attack can be executed remotely. The attack requires a high level of complexity. It is stated that the exploitability is difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9398 - YiFang CMS Migrate.php Information Disclosure
CVE ID : CVE-2025-9398
Published : Aug. 25, 2025, 12:15 a.m. | 14 hours, 6 minutes ago
Description : A security vulnerability has been detected in YiFang CMS up to 2.0.5. Affected by this vulnerability is the function exportInstallTable of the file app/utils/base/database/Migrate.php. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9396
Published : Aug. 24, 2025, 11:15 p.m. | 15 hours, 6 minutes ago
Description : A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function __GI_____strtol_l_internal of the file strtol_l.c. Performing manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be exploited.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9397
Published : Aug. 24, 2025, 11:15 p.m. | 15 hours, 6 minutes ago
Description : A weakness has been identified in givanz Vvveb up to 1.0.7.2. Affected is an unknown function of the file /system/traits/media.php. Executing manipulation of the argument files[] can lead to unrestricted upload. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. Applying a patch is advised to resolve this issue. The code maintainer explains, that "[he] fixed the code to remove this vulnerability and will make a new release".
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9395
Published : Aug. 24, 2025, 10:15 p.m. | 16 hours, 6 minutes ago
Description : A vulnerability was identified in wangsongyan wblog 0.0.1. This affects the function RestorePost of the file backup.go. Such manipulation of the argument fileName leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9393 - "Linksys RE Series Stack-Based Buffer Overflow Vulnerability"
CVE ID : CVE-2025-9393
Published : Aug. 24, 2025, 4:15 p.m. | 22 hours, 6 minutes ago
Description : A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function addStaProfile of the file /goform/addStaProfile. Performing manipulation of the argument profile_name/Ssid/wep_key_1/wep_key_2/wep_key_3/wep_key_4/wep_key_length/wep_default_key/cipher/passphrase results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9394 - PoDoFo PDF Dictionary Parser Use After Free Vulnerability
CVE ID : CVE-2025-9394
Published : Aug. 24, 2025, 4:15 p.m. | 22 hours, 6 minutes ago
Description : A flaw has been found in PoDoFo 1.1.0-dev. This issue affects the function PdfTokenizer::DetermineDataType of the file src/podofo/main/PdfTokenizer.cpp of the component PDF Dictionary Parser. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been published and may be used. This patch is called 22d16cb142f293bf956f66a4d399cdd65576d36c. A patch should be applied to remediate this issue.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9392
Published : Aug. 24, 2025, 3:15 p.m. | 23 hours, 6 minutes ago
Description : A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function qosClassifier of the file /goform/qosClassifier. Such manipulation of the argument dir/sFromPort/sToPort/dFromPort/dToPort/protocol/layer7/dscp/remark_dscp leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9391
Published : Aug. 24, 2025, 3:15 p.m. | 20 hours, 31 minutes ago
Description : A weakness has been identified in Bjskzy Zhiyou ERP up to 11.0. Affected by this issue is the function getFieldValue of the component com.artery.workflow.ServiceImpl. This manipulation of the argument sql causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9390 - Vim xxd Buffer Overflow Vulnerability
CVE ID : CVE-2025-9390
Published : Aug. 24, 2025, 2:15 p.m. | 21 hours, 8 minutes ago
Description : A security flaw has been discovered in vim up to 9.1.1615. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be exploited. Upgrading to version 9.1.1616 addresses this issue. The patch is identified as eeef7c77436a78cd27047b0f5fa6925d56de3cb0. It is recommended to upgrade the affected component.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9388
Published : Aug. 24, 2025, 1:15 p.m. | 20 hours, 12 minutes ago
Description : A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function of the file watch_list.shtm. Executing manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9389 - Vim Local Memory Corruption Vulnerability
CVE ID : CVE-2025-9389
Published : Aug. 24, 2025, 1:15 p.m. | 20 hours, 12 minutes ago
Description : A vulnerability was identified in vim 9.1.0000. Affected is the function __memmove_avx_unaligned_erms of the file memmove-vec-unaligned-erms.S. The manipulation leads to memory corruption. The attack needs to be performed locally. The exploit is publicly available and might be used. Some users are not able to reproduce this. One of the users mentions that this appears not to be working, "when coloring is turned on".
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9387 - DCN DCME-720 Web Management Backend OS Command Injection
CVE ID : CVE-2025-9387
Published : Aug. 24, 2025, 12:15 p.m. | 19 hours, 11 minutes ago
Description : A vulnerability was found in DCN DCME-720 9.1.5.11. This affects an unknown function of the file /usr/local/www/function/audit/newstatistics/ip_block.php of the component Web Management Backend. Performing manipulation of the argument ip results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used. Other products might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9385 - Appneta TCPreplay Use After Free Vulnerability
CVE ID : CVE-2025-9385
Published : Aug. 24, 2025, 11:15 a.m. | 20 hours, 11 minutes ago
Description : A flaw has been found in appneta tcpreplay up to 4.5.1. The affected element is the function fix_ipv6_checksums of the file edit_packet.c of the component tcprewrite. This manipulation causes use after free. The attack is restricted to local execution. The exploit has been published and may be used. Upgrading to version 4.5.2-beta3 is sufficient to fix this issue. It is advisable to upgrade the affected component.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9386 - AppNeta Tcpreplay Use After Free Vulnerability
CVE ID : CVE-2025-9386
Published : Aug. 24, 2025, 11:15 a.m. | 20 hours, 11 minutes ago
Description : A vulnerability has been found in appneta tcpreplay up to 4.5.1. The impacted element is the function get_l2len_protocol of the file get.c of the component tcprewrite. Such manipulation leads to use after free. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Upgrading to version 4.5.2-beta3 is sufficient to resolve this issue. You should upgrade the affected component.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9383 - FNKvision Y215 CCTV Camera Weak Hash Local Privilege Escalation Vulnerability
CVE ID : CVE-2025-9383
Published : Aug. 24, 2025, 10:15 a.m. | 21 hours, 11 minutes ago
Description : A security vulnerability has been detected in FNKvision Y215 CCTV Camera 10.194.120.40. This issue affects the function crypt of the file /etc/passwd. The manipulation leads to use of weak hash. The attack can only be performed from a local environment. The complexity of an attack is rather high. The exploitability is assessed as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9384 - Appneta TCPreplay Local Null Pointer Dereference Vulnerability
CVE ID : CVE-2025-9384
Published : Aug. 24, 2025, 10:15 a.m. | 21 hours, 11 minutes ago
Description : A vulnerability was detected in appneta tcpreplay up to 4.5.1. Impacted is the function tcpedit_post_args of the file /src/tcpedit/parse_args.c. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit is now public and may be used. Upgrading to version 4.5.2-beta2 is recommended to address this issue. Upgrading the affected component is advised. The vendor explains, that he was "[a]ble to reproduce in 6fcbf03 but not in 4.5.2-beta2".
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9382 - FNKvision Y215 CCTV Camera Telnet Service Backdoor Vulnerability
CVE ID : CVE-2025-9382
Published : Aug. 24, 2025, 8:15 a.m. | 21 hours, 8 minutes ago
Description : A weakness has been identified in FNKvision Y215 CCTV Camera 10.194.120.40. This vulnerability affects unknown code of the file s1_rf_test_config of the component Telnet Sevice. Executing manipulation can lead to backdoor. The physical device can be targeted for the attack. This attack is characterized by high complexity. It is stated that the exploitability is difficult. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9381 - FNKvision Y215 CCTV Camera File Disclosure Vulnerability
CVE ID : CVE-2025-9381
Published : Aug. 24, 2025, 8:15 a.m. | 19 hours, 11 minutes ago
Description : A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an unknown part of the file /tmp/wpa_supplicant.conf. Performing manipulation results in information disclosure. The attack may be carried out on the physical device. The attack's complexity is rated as high. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 1.6 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9379
Published : Aug. 24, 2025, 7:15 a.m. | 20 hours, 10 minutes ago
Description : A vulnerability was determined in Belkin AX1800 1.1.00.016. Affected by this vulnerability is an unknown functionality of the component Firmware Update Handler. This manipulation causes insufficient verification of data authenticity. The attack can be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9380 - FNKvision Y215 CCTV Camera Firmware Hard-coded Credentials Vulnerability
CVE ID : CVE-2025-9380
Published : Aug. 24, 2025, 7:15 a.m. | 20 hours, 10 minutes ago
Description : A vulnerability was identified in FNKvision Y215 CCTV Camera 10.194.120.40. Affected by this issue is some unknown functionality of the file /etc/passwd of the component Firmware. Such manipulation leads to hard-coded credentials. Local access is required to approach this attack. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8208 - Spexo Addons for Elementor WordPress Stored Cross-Site Scripting
CVE ID : CVE-2025-8208
Published : Aug. 24, 2025, 6:15 a.m. | 21 hours, 10 minutes ago
Description : The Spexo Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 1.0.23 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36157 - IBM Jazz Foundation Unauthorized File Update Vulnerability
CVE ID : CVE-2025-36157
Published : Aug. 24, 2025, 2:15 a.m. | 22 hours, 42 minutes ago
Description : IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004 could allow an unauthenticated remote attacker to update server property files that would allow them to perform unauthorized actions.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36174 - IBM Integrated Analytics System File Upload Arbitrary Code Execution Vulnerability
CVE ID : CVE-2025-36174
Published : Aug. 24, 2025, 2:15 a.m. | 22 hours, 42 minutes ago
Description : IBM Integrated Analytics System 1.0.0.0 through 1.0.30.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9362
Published : Aug. 23, 2025, 2:15 p.m. | 1 day, 10 hours ago
Description : A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The impacted element is the function urlFilterManageRule of the file /goform/urlFilterManageRule. Executing manipulation of the argument urlFilterRuleName/scheduleUrl/addURLFilter can lead to stack-based buffer overflow. The attack may be launched remotely. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9363
Published : Aug. 23, 2025, 2:15 p.m. | 1 day, 10 hours ago
Description : A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function portTriggerManageRule of the file /goform/portTriggerManageRule. The manipulation of the argument triggerRuleName/schedule leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9361 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-9361
Published : Aug. 23, 2025, 12:15 p.m. | 1 day, 11 hours ago
Description : A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The affected element is the function ipRangeBlockManageRule of the file /goform/ipRangeBlockManageRule. Performing manipulation of the argument ipRangeBlockRuleName/scheduleIp/ipRangeBlockRuleIpAddr results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9360 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-9360
Published : Aug. 23, 2025, 11:15 a.m. | 1 day, 12 hours ago
Description : A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Impacted is the function accessControlAdd of the file /goform/accessControlAdd. Such manipulation of the argument ruleName/schedule leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9359
Published : Aug. 23, 2025, 10:15 a.m. | 1 day, 13 hours ago
Description : A weakness has been identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function RP_checkCredentialsByBBS of the file /goform/RP_checkCredentialsByBBS. This manipulation of the argument ssidhex/pwd causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9358 - Linksys RE Series Stack-Based Buffer Overflow
CVE ID : CVE-2025-9358
Published : Aug. 23, 2025, 8:15 a.m. | 1 day, 13 hours ago
Description : A security flaw has been discovered in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function setSysAdm of the file /goform/setSysAdm. The manipulation of the argument admpasshint results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5060 - Bravis User WordPress Authentication Bypass Vulnerability
CVE ID : CVE-2025-5060
Published : Aug. 23, 2025, 7:15 a.m. | 1 day, 8 hours ago
Description : The Bravis User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.0. This is due to the plugin not properly logging a user in with the data that was previously verified through the facebook_ajax_login_callback(). This makes it possible for unauthenticated attackers to log in as administrative users, as long as they have an existing account on the site, and access to the administrative user's email.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5352
Published : Aug. 23, 2025, 7:15 a.m. | 1 day, 8 hours ago
Description : A critical stored Cross-Site Scripting (XSS) vulnerability exists in the Analytics component of lunary-ai/lunary versions up to 1.9.23, where the NEXT_PUBLIC_CUSTOM_SCRIPT environment variable is directly injected into the DOM using dangerouslySetInnerHTML without any sanitization or validation. This allows arbitrary JavaScript execution in all users' browsers if an attacker can control the environment variable during deployment or through server compromise. The vulnerability can lead to complete account takeover, data exfiltration, malware distribution, and persistent attacks affecting all users until the environment variable is cleaned. The issue is fixed in version 1.9.25.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5821 - "WordPress Case Theme User Plugin Authentication Bypass"
CVE ID : CVE-2025-5821
Published : Aug. 23, 2025, 7:15 a.m. | 1 day, 8 hours ago
Description : The Case Theme User plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.0.3. This is due to the plugin not properly logging a user in with the data that was previously verified through the facebook_ajax_login_callback(). This makes it possible for unauthenticated attackers to log in as administrative users, as long as they have an existing account on the site, and access to the administrative user's email.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9357
Published : Aug. 23, 2025, 6:15 a.m. | 1 day, 9 hours ago
Description : A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function langSwitchByBBS of the file /goform/langSwitchByBBS. The manipulation of the argument langSelectionOnly leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7813
Published : Aug. 23, 2025, 6:15 a.m. | 1 day, 7 hours ago
Description : The Events Calendar, Event Booking, Registrations and Event Tickets – Eventin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.37 via the proxy_image function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9048
Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 8 hours ago
Description : The Wptobe-memberships plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the del_img_ajax_call() function in all versions up to, and including, 3.4.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9131
Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 8 hours ago
Description : The Ogulo – 360° Tour plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘slug’ parameter in all versions up to, and including, 1.0.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7842
Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 6 hours ago
Description : The Silencesoft RSS Reader plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.6. This is due to missing or incorrect nonce validation on the 'sil_rss_edit_page' page. This makes it possible for unauthenticated attackers to delete RSS feeds via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7957
Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 6 hours ago
Description : The ShortcodeHub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘author_link_target’ parameter in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8062
Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 6 hours ago
Description : The WS Theme Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ws_weather shortcode in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7839 - WordPress Restore Permanently Delete Post or Page Data CSRF
CVE ID : CVE-2025-7839
Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 4 hours ago
Description : The Restore Permanently delete Post or Page Data plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the rp_dpo_dpa_ajax_dp_delete_data() function. This makes it possible for unauthenticated attackers to delete data via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7841
Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 4 hours ago
Description : The Sertifier Certificate & Badge Maker for WordPress – Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.19. This is due to missing or incorrect nonce validation on the 'sertifier_settings' page. This makes it possible for unauthenticated attackers to update the plugin's api key via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7827 - Ni WooCommerce Customer Product Report Unauthorized Data Modification
CVE ID : CVE-2025-7827
Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 2 hours ago
Description : The Ni WooCommerce Customer Product Report plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ni_woocpr_action() function in all versions up to, and including, 1.2.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update plugin settings.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7828
Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 2 hours ago
Description : The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the post_listing_page() function in all versions up to, and including, 0.4. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete feeds.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7642
Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 1 hour ago
Description : The Simpler Checkout plugin for WordPress is vulnerable to Authentication Bypass in versions 0.7.0 to 1.1.9. This is due to the plugin not properly verifying a user's identity prior to logging them in as an admin through the simplerwc_woocommerce_order_created() function. This makes it possible for unauthenticated attackers to log in as other users based on their order ID, which can be an administrator if a site admin has placed a test order.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7821 - "WordPress WC Plus Favicon Logo Base Unauthorized Modification Vulnerability"
CVE ID : CVE-2025-7821
Published : Aug. 23, 2025, 5:15 a.m. | 1 day, 1 hour ago
Description : The WC Plus plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pluswc_logo_favicon_logo_base' AJAX action in all versions up to, and including, 1.2.0. This makes it possible for unauthenticated attackers to update the site's favicon logo base.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43766
Published : Aug. 23, 2025, 5:15 a.m. | 1 day ago
Description : The Liferay Portal 7.4.0 through 7.3.3.131, and Liferay DXP 2024.Q4.0, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows the upload of unrestricted files in the style books component that are processed within the environment enabling arbitrary code execution by attackers.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43764 - Liferay Portal Liferay DXP Regular Expression Denial of Service
CVE ID : CVE-2025-43764
Published : Aug. 23, 2025, 5:15 a.m. | 20 hours, 7 minutes ago
Description : Self-ReDoS (Regular expression Denial of Service) exists with Role Name search field of Kaleo Designer portlet JavaScript in Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.1, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.20 and 7.4 GA through update 92, which allows authenticated users with permissions to update Kaleo Workflows to enter a malicious Regex pattern causing their browser to hang for a very long time.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43765
Published : Aug. 23, 2025, 5:15 a.m. | 20 hours, 7 minutes ago
Description : A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.13 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the text field from a web content.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43767
Published : Aug. 23, 2025, 4:15 a.m. | 9 hours, 12 minutes ago
Description : Open Redirect vulnerability in /c/portal/edit_info_item parameter redirect in Liferay Portal 7.4.3.86 through 7.4.3.131, and Liferay DXP 2024.Q3.1 through 2024.Q3.9, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 update 86 through update 92 allows an attacker to exploit this security vulnerability to redirect users to a malicious site.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58043 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-58043
Published : Aug. 23, 2025, 3:15 a.m. | 10 hours, 13 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58042 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-58042
Published : Aug. 23, 2025, 3:15 a.m. | 9 hours, 12 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58041 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-58041
Published : Aug. 23, 2025, 3:15 a.m. | 7 hours, 54 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58040 - Apache HTTP Server Authentication Bypass
CVE ID : CVE-2025-58040
Published : Aug. 23, 2025, 3:15 a.m. | 6 hours, 15 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58039
Published : Aug. 23, 2025, 3:15 a.m. | 5 hours, 11 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58036 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-58036
Published : Aug. 23, 2025, 3:15 a.m. | 3 hours, 54 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58037
Published : Aug. 23, 2025, 3:15 a.m. | 3 hours, 54 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-58038
Published : Aug. 23, 2025, 3:15 a.m. | 3 hours, 54 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43769
Published : Aug. 23, 2025, 3:15 a.m. | 3 hours, 11 minutes ago
Description : Stored cross-site scripting (XSS) vulnerability in Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q3.1 through 2024.Q3.8, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows remote attackers to execute arbitrary web script or HTML via components tab.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-58035 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-58035
Published : Aug. 23, 2025, 3:15 a.m. | 3 hours, 11 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22860 - Norton Antivirus Unvalidated Redirect to Arbitrary URL
CVE ID : CVE-2025-22860
Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 54 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22861
Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 54 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22863 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-22863
Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 54 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22864 - Apache HTTP Server Command Injection
CVE ID : CVE-2025-22864
Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 54 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24468 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-24468
Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 54 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24469 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-24469
Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 54 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43768 - Liferay Portal Unauthenticated Admin Data Disclosure
CVE ID : CVE-2025-43768
Published : Aug. 23, 2025, 3:15 a.m. | 1 hour, 54 minutes ago
Description : Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows authenticated users without any permissions to access sensitive information of admin users using JSONWS APIs.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43770
Published : Aug. 23, 2025, 2:15 a.m. | 2 hours, 54 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.3, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the referer or FORWARD_URL using %00 in those parameters.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8193 - "Apache HTTP Server Information Disclosure Vulnerability"
CVE ID : CVE-2025-8193
Published : Aug. 22, 2025, 11:15 p.m. | 5 hours, 54 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52450
Published : Aug. 22, 2025, 9:15 p.m. | 7 hours, 54 minutes ago
Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salesforce Tableau Server on Windows, Linux (abdoc api - create-data-source-from-file-upload modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52451 - "Salesforce Tableau Server Absolute Path Traversal Vulnerability"
CVE ID : CVE-2025-52451
Published : Aug. 22, 2025, 9:15 p.m. | 7 hours, 54 minutes ago
Description : Improper Input Validation vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc api - create-data-source-from-file-upload modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55455
Published : Aug. 22, 2025, 9:15 p.m. | 7 hours, 54 minutes ago
Description : DooTask v1.0.51 was dicovered to contain an authenticated arbitrary download vulnerability via the component /msg/sendtext.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9355
Published : Aug. 22, 2025, 9:15 p.m. | 7 hours, 54 minutes ago
Description : A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this vulnerability is the function scheduleAdd of the file /goform/scheduleAdd. Performing manipulation of the argument ruleName results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9356
Published : Aug. 22, 2025, 9:15 p.m. | 7 hours, 54 minutes ago
Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function inboundFilterAdd of the file /goform/inboundFilterAdd. Executing manipulation of the argument ruleName can lead to stack-based buffer overflow. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2022-45133 - Mahara XML Font Font Traversal Code Execution Vulnerability
CVE ID : CVE-2022-45133
Published : Aug. 22, 2025, 9:15 p.m. | 5 hours, 54 minutes ago
Description : Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-26496 - Tableau Type Confusion Local Code Inclusion Vulnerability
CVE ID : CVE-2025-26496
Published : Aug. 22, 2025, 9:15 p.m. | 5 hours, 54 minutes ago
Description : Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux (File Upload modules) allows Local Code Inclusion.This issue affects Tableau Server, Tableau Desktop: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Severity: 9.6 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-26497 - Tableau Server Absolute Path Traversal Vulnerability
CVE ID : CVE-2025-26497
Published : Aug. 22, 2025, 9:15 p.m. | 5 hours, 54 minutes ago
Description : Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (Flow Editor modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-26498 - "Salesforce Tableau Server File Upload Arbitrary File Write"
CVE ID : CVE-2025-26498
Published : Aug. 22, 2025, 9:15 p.m. | 5 hours, 54 minutes ago
Description : Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux (establish-connection-no-undo modules) allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43761 - Liferay Portal and DXP Reflected Cross-Site Scripting (XSS)
CVE ID : CVE-2025-43761
Published : Aug. 22, 2025, 9:15 p.m. | 5 hours, 54 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.4, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the frontend-editor-ckeditor-web/ckeditor/samples/old/ajax.html path
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4609
Published : Aug. 22, 2025, 9:15 p.m. | 5 hours, 54 minutes ago
Description : Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2022-31491 - Voltronic Power Remote Code Execution
CVE ID : CVE-2022-31491
Published : Aug. 22, 2025, 8:15 p.m. | 6 hours, 54 minutes ago
Description : Voltronic Power ViewPower through 1.04-24215, ViewPower Pro through 2.0-22165, and PowerShield Netguard before 1.04-23292 allows a remote attacker to run arbitrary code via an unspecified web interface related to detection of a managed UPS shutting down. An unauthenticated attacker can use this to run arbitrary code immediately regardless of any managed UPS state or presence.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2022-43110 - Voltronic Power ViewPower and PowerShield Netguard Unauthenticated Remote Command Execution
CVE ID : CVE-2022-43110
Published : Aug. 22, 2025, 8:15 p.m. | 6 hours, 54 minutes ago
Description : Voltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a remote attacker to configure the system via an unspecified web interface. An unauthenticated remote attacker can make changes to the system including: changing the web interface admin password, view/change system configuration, enumerate connected UPS devices and shut down connected UPS devices. This extends to being able to configure operating system commands that should run if the system detects a connected UPS shutting down.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57801
Published : Aug. 22, 2025, 8:15 p.m. | 6 hours, 54 minutes ago
Description : gnark is a zero-knowledge proof system framework. In versions prior to 0.14.0, the Verify function in eddsa.go and ecdsa.go used the S value from a signature without asserting that 0 ≤ S < order, leading to a signature malleability vulnerability. Because gnark’s native EdDSA and ECDSA circuits lack essential constraints, multiple distinct witnesses can satisfy the same public inputs. In protocols where nullifiers or anti-replay checks are derived from R and S, this enables signature malleability and may allow double spending. This issue has been addressed in version 0.14.0.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43762 - Liferay Portal File Upload Denial of Service
CVE ID : CVE-2025-43762
Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago
Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the forms, the files are stored in the document_library allowing an attacker to cause a potential DDoS.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-4650 - Apache Web Meta Service SQL Injection Vulnerability
CVE ID : CVE-2025-4650
Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago
Description : User with high privileges is able to introduce a SQLi using the Meta Service indicator page. Caused by an Improper Neutralization of Special Elements used in an SQL Command.This issue affects web: from 24.10.0 before 24.10.9, from 24.04.0 before 24.04.16, from 23.10.0 before 23.10.26.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50858
Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago
Description : Reflected Cross-Site Scripting in the List MySQL Databases function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the action parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50859 - Easy Hosting Control Panel (EHCP) Reflected Cross-Site Scripting
CVE ID : CVE-2025-50859
Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago
Description : Reflected Cross-Site Scripting in the Change Template function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via the template parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51092
Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago
Description : The LogIn-SignUp project by VishnuSivadasVS is vulnerable to SQL Injection due to unsafe construction of SQL queries in DataBase.php. The functions logIn() and signUp() build queries by directly concatenating user input and unvalidated table names without using prepared statements. While a prepareData() function exists, it is insufficient to prevent SQL injection and does not sanitize the table name.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54812
Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago
Description : Improper Output Neutralization for Logs vulnerability in Apache Log4cxx.
When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file.
If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order to hide information from logs or steal data from the user.
In order to activate this, the following sequence must occur:
* Log4cxx is configured to use HTMLLayout.
* Logger name comes from an untrusted string
* Logger with compromised name logs a message
* User opens the generated HTML log file in their browser, leading to potential XSS
Because logger names are generally constant strings, we assess the impact to users as LOW
This issue affects Apache Log4cxx: before 1.5.0.
Users are recommended to upgrade to version 1.5.0, which fixes the issue.
Severity: 2.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54813
Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago
Description : Improper Output Neutralization for Logs vulnerability in Apache Log4cxx.
When using JSONLayout, not all payload bytes are properly escaped. If an attacker-supplied message contains certain non-printable characters, these will be passed along in the message and written out as part of the JSON message. This may prevent applications that consume these logs from correctly interpreting the information within them.
This issue affects Apache Log4cxx: before 1.5.0.
Users are recommended to upgrade to version 1.5.0, which fixes the issue.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55454
Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago
Description : An authenticated arbitrary file upload vulnerability in the component /msg/sendfiles of DooTask v1.0.51 allows attackers to execute arbitrary code via uploading a crafted file.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6791 - Centreon Web SQL Injection Vulnerability
CVE ID : CVE-2025-6791
Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 54 minutes ago
Description : On the monitoring event logs page, it is possible to alter the http request to insert a payload in the DB. Caused by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon web (Monitoring event logs modules) allows SQL Injection.
This issue affects web: from 24.10.0 before 24.10.9, from 24.04.0 before 24.04.16, from 23.10.0 before 23.10.26.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43759
Published : Aug. 22, 2025, 7:15 p.m. | 7 hours, 10 minutes ago
Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows admin users of a virtual instance to add pages that are not in the default/main virtual instance, then any tenant can create a list of all other tenants.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43758
Published : Aug. 22, 2025, 7:15 p.m. | 4 hours, 12 minutes ago
Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows unauthenticated users (guests) to access via URL files uploaded by object entry and stored in document_library
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2022-45134 - Mahara XML Deserialization Code Execution Vulnerability
CVE ID : CVE-2022-45134
Published : Aug. 22, 2025, 7:15 p.m. | 1 hour, 59 minutes ago
Description : Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 deserializes user input unsafely during skin import. A particularly structured XML file could cause code execution when being processed.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-48988
Published : Aug. 22, 2025, 7:15 p.m. | 1 hour, 59 minutes ago
Description : SQL Injection vulnerability in Apache StreamPark.
This issue affects Apache StreamPark: from 2.1.4 before 2.1.6.
Users are recommended to upgrade to version 2.1.6, which fixes the issue.
This vulnerability is present only in the distribution package (SpringBoot platform) and does not involve Maven artifacts.
It can only be exploited after a user has successfully logged into the platform (implying that the attacker would first need to compromise the login authentication).
As a result, the associated risk is considered relatively low.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-50645
Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago
Description : MallChat v1.0-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this vulnerability to access API without any token.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-52786
Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago
Description : An authentication bypass vulnerability in anji-plus AJ-Report up to v1.4.2 allows unauthenticated attackers to execute arbitrary code via a crafted URL.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-53496 - Apache My-site Unauthenticated Access Control Bypass
CVE ID : CVE-2024-53496
Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago
Description : Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-53499
Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago
Description : Jeewms v3.7 was discovered to contain a SQL injection vulnerability via the CgReportController API.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43760
Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.4, 2024.Q4.0 through 2024.Q4.6, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.20 and 7.4 GA through update 92 allows an remote authenticated attacker to inject JavaScript into the PortalUtil.escapeRedirect
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52085
Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago
Description : An SQL injection vulnerability in Yoosee application v6.32.4 allows authenticated users to inject arbitrary SQL queries via a request to a backend API endpoint. Successful exploitation enables extraction of sensitive database information, including but not limited to, the database server banner and version, current database user and schema, the current DBMS user privileges, and arbitrary data from any table.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52287 - OperaMasks SDK ELite Script Engine RCE via Deserialization
CVE ID : CVE-2025-52287
Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago
Description : OperaMasks SDK ELite Script Engine v0.5.0 was discovered to contain a deserialization vulnerability.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55581
Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago
Description : D-Link DCS-825L firmware version 1.08.01 and possibly prior versions contain an insecure implementation in the mydlink-watch-dog.sh script. The script monitors and respawns the `dcp` and `signalc` binaries without validating their integrity, origin, or permissions. An attacker with filesystem access (e.g., via UART or firmware modification) may replace these binaries to achieve persistent arbitrary code execution with root privileges. The issue stems from improper handling of executable trust and absence of integrity checks in the watchdog logic.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55613
Published : Aug. 22, 2025, 6:15 p.m. | 2 hours, 59 minutes ago
Description : Tenda O3V2 1.0.0.12(3880) is vulnerable to Buffer Overflow in the fromSafeSetMacFilter function via the mac parameter.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57770
Published : Aug. 22, 2025, 5:15 p.m. | 3 hours, 8 minutes ago
Description : The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. Versions 4.0.0 to 4.0.2, 3.0.0 to 3.3.6, and all versions prior to 2.71.15 are vulnerable to a username enumeration issue in the login interface. The login UI includes a security feature, Ignoring unknown usernames, that is intended to prevent username enumeration by returning a generic response for both valid and invalid usernames. This vulnerability allows an unauthenticated attacker to bypass this protection by submitting arbitrary userIDs to the select account page and distinguishing between valid and invalid accounts based on the system's response. For effective exploitation, an attacker needs to iterate through possible userIDs, but the impact can be limited by implementing rate limiting or similar measures. The issue has been patched in versions 4.0.3, 3.4.0, and 2.71.15.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57771
Published : Aug. 22, 2025, 5:15 p.m. | 3 hours, 8 minutes ago
Description : Roo Code is an AI-powered autonomous coding agent that lives in users' editors. In versions prior to 3.25.5, Roo-Code fails to properly handle process substitution and single ampersand characters in the command parsing logic for auto-execute commands. If a user has enabled auto-approved execution for a command such as ls, an attacker who can submit crafted prompts to the agent may inject arbitrary commands to be executed alongside the intended command. Exploitation requires attacker access to submit prompts and for the user to have enabled auto-approved command execution, which is disabled by default. This vulnerability could allow an attacker to execute arbitrary code. The issue is fixed in version 3.25.5.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57800
Published : Aug. 22, 2025, 5:15 p.m. | 3 hours, 8 minutes ago
Description : Audiobookshelf is an open-source self-hosted audiobook server. In versions 2.6.0 through 2.26.3, the application does not properly restrict redirect callback URLs during OIDC authentication. An attacker can craft a login link that causes Audiobookshelf to store an arbitrary callback in a cookie, which is later used to redirect the user after authentication. The server then issues a 302 redirect to the attacker-controlled URL, appending sensitive OIDC tokens as query parameters. This allows an attacker to obtain the victim's tokens and perform full account takeover, including creating persistent admin users if the victim is an administrator. Tokens are further leaked via browser history, Referer headers, and server logs. This vulnerability impacts all Audiobookshelf deployments using OIDC; no IdP misconfiguration is required. The issue is fixed in version 2.28.0. No known workarounds exist.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55622
Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago
Description : Reolink v4.54.0.4.20250526 was discovered to contain a task hijacking vulnerability due to inappropriate taskAffinity settings.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55623
Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago
Description : An issue in the lock screen component of Reolink v4.54.0.4.20250526 allows attackers to bypass authentication via using an ADB (Android Debug Bridge).
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55624
Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago
Description : An intent redirection vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access internal functions or access non-public components.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55625 - Reolink Open Redirect Vulnerability
CVE ID : CVE-2025-55625
Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago
Description : An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users to a malicious site via a crafted URL.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55626
Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago
Description : An Insecure Direct Object Reference (IDOR) vulnerability in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows unauthorized attackers to access the Admin-only settings and edit the session storage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55627 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Privilege Escalation
CVE ID : CVE-2025-55627
Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago
Description : Insufficient privilege verification in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows authenticated attackers to create accounts with elevated privileges.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55629
Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago
Description : Insecure permissions in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allow attackers to arbitrarily change other users' passwords via manipulation of the userName value.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55630 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Authentication Bypass
CVE ID : CVE-2025-55630
Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago
Description : A discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 when entering the wrong username and password allows attackers to enumerate existing accounts.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55631 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Session Management Vulnerability
CVE ID : CVE-2025-55631
Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago
Description : Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 was discovered to manage users' sessions system wide instead of an account-by-account basis, potentially leading to a Denial of Service (DoS) via resource exhaustion.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55634 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Unauthenticated DoS
CVE ID : CVE-2025-55634
Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago
Description : Incorrect access control in the RTMP server settings of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 allows unauthorized attackers to cause a Denial of Service (DoS) via initiating a large number of simultaneous ffmpeg-based stream pushes.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55637 - Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime Command Injection Vulnerability
CVE ID : CVE-2025-55637
Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago
Description : Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.4662_2503122283 was discovered to contain a command injection vulnerability via the setddns_pip_system() function.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55745 - UnoPim Laravel Formula Injection Vulnerability
CVE ID : CVE-2025-55745
Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago
Description : UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Versions 0.3.0 and prior are vulnerable to CSV injection, also known as formula injection, in the Quick Export feature. This vulnerability allows attackers to inject malicious content into exported CSV files. When the CSV file is opened in spreadsheet applications such as Microsoft Excel, the malicious input may be interpreted as a formula or command, potentially resulting in the execution of arbitrary code on the victim's device. Successful exploitation can lead to remote code execution, including the establishment of a reverse shell. Users are advised to upgrade to version 0.3.1 or later.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57105
Published : Aug. 22, 2025, 5:15 p.m. | 1 hour, 52 minutes ago
Description : The DI-7400G+ router has a command injection vulnerability, which allows attackers to execute arbitrary commands on the device. The sub_478D28 function in in mng_platform.asp, and sub_4A12DC function in wayos_ac_server.asp of the jhttpd program, with the parameter ac_mng_srv_host.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-50644 - "Zhisheng17 Blog Authentication Bypass Vulnerability"
CVE ID : CVE-2024-50644
Published : Aug. 22, 2025, 5:15 p.m. | 15 minutes ago
Description : zhisheng17 blog 3.0.1-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this vulnerability to access API without any token.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-53494
Published : Aug. 22, 2025, 5:15 p.m. | 15 minutes ago
Description : Incorrect access control in the preHandle function of SpringBootBlog v1.0.0 allows attackers to access sensitive components without authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55398
Published : Aug. 22, 2025, 5:15 p.m. | 15 minutes ago
Description : An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - a fork of vlm asn1c. In UPER (Unaligned Packed Encoding Rules), asn1c-generated decoders fail to enforce INTEGER constraints when the bound is positive and exceeds 32 bits in length, potentially allowing incorrect or malicious input to be processed.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55619 - Reolink Hardcoded Encryption Key and Initialization Vector Vulnerability
CVE ID : CVE-2025-55619
Published : Aug. 22, 2025, 5:15 p.m. | 15 minutes ago
Description : Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and initialization vector. An attacker can leverage this vulnerability to decrypt access tokens and web session tokens stored inside the app via reverse engineering.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55620
Published : Aug. 22, 2025, 5:15 p.m. | 15 minutes ago
Description : A cross-site scripting (XSS) vulnerability in the valuateJavascript() function of Reolink v4.54.0.4.20250526 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55621
Published : Aug. 22, 2025, 5:15 p.m. | 15 minutes ago
Description : An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers to access and download other users' profile photos via a crafted URL.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55606
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 14 minutes ago
Description : Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the fromAdvSetMacMtuWan function via the serverName parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55611
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 14 minutes ago
Description : D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formLanguageChange function via the nextPage parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55741 - UnoPim Laravel Mass Delete Privilege Escalation Vulnerability
CVE ID : CVE-2025-55741
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 14 minutes ago
Description : UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. In versions 0.3.0 and earlier, users without the Delete privilege for products are unable to delete individual products via the standard endpoint, as expected. However, these users can bypass intended access controls by issuing requests to the mass-delete endpoint, allowing them to delete products without proper authorization. This vulnerability allows unauthorized product deletion, leading to potential data loss and business disruption. The issue is fixed in version 0.3.1. No known workarounds exist.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38665 - Linux Kernel CAN NULL Pointer Dereference Vulnerability
CVE ID : CVE-2025-38665
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode
Andrei Lalaev reported a NULL pointer deref when a CAN device is
restarted from Bus Off and the driver does not implement the struct
can_priv::do_set_mode callback.
There are 2 code path that call struct can_priv::do_set_mode:
- directly by a manual restart from the user space, via
can_changelink()
- delayed automatic restart after bus off (deactivated by default)
To prevent the NULL pointer deference, refuse a manual restart or
configure the automatic restart delay in can_changelink() and report
the error via extack to user space.
As an additional safety measure let can_restart() return an error if
can_priv::do_set_mode is not set instead of dereferencing it
unchecked.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38666 - AppleTalk Linux Kernel Appletalk AARP Race Condition Use-After-Free
CVE ID : CVE-2025-38666
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
net: appletalk: Fix use-after-free in AARP proxy probe
The AARP proxy‐probe routine (aarp_proxy_probe_network) sends a probe,
releases the aarp_lock, sleeps, then re-acquires the lock. During that
window an expire timer thread (__aarp_expire_timer) can remove and
kfree() the same entry, leading to a use-after-free.
race condition:
cpu 0 | cpu 1
atalk_sendmsg() | atif_proxy_probe_device()
aarp_send_ddp() | aarp_proxy_probe_network()
mod_timer() | lock(aarp_lock) // LOCK!!
timeout around 200ms | alloc(aarp_entry)
and then call | proxies[hash] = aarp_entry
aarp_expire_timeout() | aarp_send_probe()
| unlock(aarp_lock) // UNLOCK!!
lock(aarp_lock) // LOCK!! | msleep(100);
__aarp_expire_timer(&proxies[ct]) |
free(aarp_entry) |
unlock(aarp_lock) // UNLOCK!! |
| lock(aarp_lock) // LOCK!!
| UAF aarp_entry !!
==================================================================
BUG: KASAN: slab-use-after-free in aarp_proxy_probe_network+0x560/0x630 net/appletalk/aarp.c:493
Read of size 4 at addr ffff8880123aa360 by task repro/13278
CPU: 3 UID: 0 PID: 13278 Comm: repro Not tainted 6.15.2 #3 PREEMPT(full)
Call Trace:
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x116/0x1b0 lib/dump_stack.c:120
print_address_description mm/kasan/report.c:408 [inline]
print_report+0xc1/0x630 mm/kasan/report.c:521
kasan_report+0xca/0x100 mm/kasan/report.c:634
aarp_proxy_probe_network+0x560/0x630 net/appletalk/aarp.c:493
atif_proxy_probe_device net/appletalk/ddp.c:332 [inline]
atif_ioctl+0xb58/0x16c0 net/appletalk/ddp.c:857
atalk_ioctl+0x198/0x2f0 net/appletalk/ddp.c:1818
sock_do_ioctl+0xdc/0x260 net/socket.c:1190
sock_ioctl+0x239/0x6a0 net/socket.c:1311
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:906 [inline]
__se_sys_ioctl fs/ioctl.c:892 [inline]
__x64_sys_ioctl+0x194/0x200 fs/ioctl.c:892
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xcb/0x250 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
Allocated:
aarp_alloc net/appletalk/aarp.c:382 [inline]
aarp_proxy_probe_network+0xd8/0x630 net/appletalk/aarp.c:468
atif_proxy_probe_device net/appletalk/ddp.c:332 [inline]
atif_ioctl+0xb58/0x16c0 net/appletalk/ddp.c:857
atalk_ioctl+0x198/0x2f0 net/appletalk/ddp.c:1818
Freed:
kfree+0x148/0x4d0 mm/slub.c:4841
__aarp_expire net/appletalk/aarp.c:90 [inline]
__aarp_expire_timer net/appletalk/aarp.c:261 [inline]
aarp_expire_timeout+0x480/0x6e0 net/appletalk/aarp.c:317
The buggy address belongs to the object at ffff8880123aa300
which belongs to the cache kmalloc-192 of size 192
The buggy address is located 96 bytes inside of
freed 192-byte region [ffff8880123aa300, ffff8880123aa3c0)
Memory state around the buggy address:
ffff8880123aa200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ffff8880123aa280: 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc
>ffff8880123aa300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
^
ffff8880123aa380: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
ffff8880123aa400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
==================================================================
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38667
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
iio: fix potential out-of-bound write
The buffer is set to 20 characters. If a caller write more characters,
count is truncated to the max available space in "simple_write_to_buffer".
To protect from OoB access, check that the input size fit into buffer and
add a zero terminator after copy to the end of the copied data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38668 - Linux Kernel Regulator NULL Pointer Dereference Vulnerability
CVE ID : CVE-2025-38668
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
regulator: core: fix NULL dereference on unbind due to stale coupling data
Failing to reset coupling_desc.n_coupled after freeing coupled_rdevs can
lead to NULL pointer dereference when regulators are accessed post-unbind.
This can happen during runtime PM or other regulator operations that rely
on coupling metadata.
For example, on ridesx4, unbinding the 'reg-dummy' platform device triggers
a panic in regulator_lock_recursive() due to stale coupling state.
Ensure n_coupled is set to 0 to prevent access to invalid pointers.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38669
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
Revert "drm/gem-shmem: Use dma_buf from GEM object instance"
This reverts commit 1a148af06000e545e714fe3210af3d77ff903c11.
The dma_buf field in struct drm_gem_object is not stable over the
object instance's lifetime. The field becomes NULL when user space
releases the final GEM handle on the buffer object. This resulted
in a NULL-pointer deref.
Workarounds in commit 5307dce878d4 ("drm/gem: Acquire references on
GEM handles for framebuffers") and commit f6bfc9afc751 ("drm/framebuffer:
Acquire internal references on GEM handles") only solved the problem
partially. They especially don't work for buffer objects without a DRM
framebuffer associated.
Hence, this revert to going back to using .import_attach->dmabuf.
v3:
- cc stable
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38670 - Linux kernel ARM64 DAIF Masking Vulnerability
CVE ID : CVE-2025-38670
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack()
`cpu_switch_to()` and `call_on_irq_stack()` manipulate SP to change
to different stacks along with the Shadow Call Stack if it is enabled.
Those two stack changes cannot be done atomically and both functions
can be interrupted by SErrors or Debug Exceptions which, though unlikely,
is very much broken : if interrupted, we can end up with mismatched stacks
and Shadow Call Stack leading to clobbered stacks.
In `cpu_switch_to()`, it can happen when SP_EL0 points to the new task,
but x18 stills points to the old task's SCS. When the interrupt handler
tries to save the task's SCS pointer, it will save the old task
SCS pointer (x18) into the new task struct (pointed to by SP_EL0),
clobbering it.
In `call_on_irq_stack()`, it can happen when switching from the task stack
to the IRQ stack and when switching back. In both cases, we can be
interrupted when the SCS pointer points to the IRQ SCS, but SP points to
the task stack. The nested interrupt handler pushes its return addresses
on the IRQ SCS. It then detects that SP points to the task stack,
calls `call_on_irq_stack()` and clobbers the task SCS pointer with
the IRQ SCS pointer, which it will also use !
This leads to tasks returning to addresses on the wrong SCS,
or even on the IRQ SCS, triggering kernel panics via CONFIG_VMAP_STACK
or FPAC if enabled.
This is possible on a default config, but unlikely.
However, when enabling CONFIG_ARM64_PSEUDO_NMI, DAIF is unmasked and
instead the GIC is responsible for filtering what interrupts the CPU
should receive based on priority.
Given the goal of emulating NMIs, pseudo-NMIs can be received by the CPU
even in `cpu_switch_to()` and `call_on_irq_stack()`, possibly *very*
frequently depending on the system configuration and workload, leading
to unpredictable kernel panics.
Completely mask DAIF in `cpu_switch_to()` and restore it when returning.
Do the same in `call_on_irq_stack()`, but restore and mask around
the branch.
Mask DAIF even if CONFIG_SHADOW_CALL_STACK is not enabled for consistency
of behaviour between all configurations.
Introduce and use an assembly macro for saving and masking DAIF,
as the existing one saves but only masks IF.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38671 - Linux Kernel i2c Qup Timeout Information Disclosure Vulnerability
CVE ID : CVE-2025-38671
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
i2c: qup: jump out of the loop in case of timeout
Original logic only sets the return value but doesn't jump out of the
loop if the bus is kept active by a client. This is not expected. A
malicious or buggy i2c client can hang the kernel in this case and
should be avoided. This is observed during a long time test with a
PCA953x GPIO extender.
Fix it by changing the logic to not only sets the return value, but also
jumps out of the loop and return to the caller with -ETIMEDOUT.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38672 - Linux Kernel - NULL Pointer Dereference in drm_gem_object
CVE ID : CVE-2025-38672
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
Revert "drm/gem-dma: Use dma_buf from GEM object instance"
This reverts commit e8afa1557f4f963c9a511bd2c6074a941c308685.
The dma_buf field in struct drm_gem_object is not stable over the
object instance's lifetime. The field becomes NULL when user space
releases the final GEM handle on the buffer object. This resulted
in a NULL-pointer deref.
Workarounds in commit 5307dce878d4 ("drm/gem: Acquire references on
GEM handles for framebuffers") and commit f6bfc9afc751 ("drm/framebuffer:
Acquire internal references on GEM handles") only solved the problem
partially. They especially don't work for buffer objects without a DRM
framebuffer associated.
Hence, this revert to going back to using .import_attach->dmabuf.
v3:
- cc stable
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38673 - Linux Kernel - Null Pointer Dereference in DRM GEM Object Instance
CVE ID : CVE-2025-38673
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
Revert "drm/gem-framebuffer: Use dma_buf from GEM object instance"
This reverts commit cce16fcd7446dcff7480cd9d2b6417075ed81065.
The dma_buf field in struct drm_gem_object is not stable over the
object instance's lifetime. The field becomes NULL when user space
releases the final GEM handle on the buffer object. This resulted
in a NULL-pointer deref.
Workarounds in commit 5307dce878d4 ("drm/gem: Acquire references on
GEM handles for framebuffers") and commit f6bfc9afc751 ("drm/framebuffer:
Acquire internal references on GEM handles") only solved the problem
partially. They especially don't work for buffer objects without a DRM
framebuffer associated.
Hence, this revert to going back to using .import_attach->dmabuf.
v3:
- cc stable
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38674
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
Revert "drm/prime: Use dma_buf from GEM object instance"
This reverts commit f83a9b8c7fd0557b0c50784bfdc1bbe9140c9bf8.
The dma_buf field in struct drm_gem_object is not stable over the
object instance's lifetime. The field becomes NULL when user space
releases the final GEM handle on the buffer object. This resulted
in a NULL-pointer deref.
Workarounds in commit 5307dce878d4 ("drm/gem: Acquire references on
GEM handles for framebuffers") and commit f6bfc9afc751 ("drm/framebuffer:
Acquire internal references on GEM handles") only solved the problem
partially. They especially don't work for buffer objects without a DRM
framebuffer associated.
Hence, this revert to going back to using .import_attach->dmabuf.
v3:
- cc stable
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38675 - Linux Kernel Xfrm State Pointer Initialization Vulnerability
CVE ID : CVE-2025-38675
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
xfrm: state: initialize state_ptrs earlier in xfrm_state_find
In case of preemption, xfrm_state_look_at will find a different
pcpu_id and look up states for that other CPU. If we matched a state
for CPU2 in the state_cache while the lookup started on CPU1, we will
jump to "found", but the "best" state that we got will be ignored and
we will enter the "acquire" block. This block uses state_ptrs, which
isn't initialized at this point.
Let's initialize state_ptrs just after taking rcu_read_lock. This will
also prevent a possible misuse in the future, if someone adjusts this
function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43751 - Liferay Portal User Enumeration Vulnerability
CVE ID : CVE-2025-43751
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : User enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14, 2023.Q4.0 through 2023.Q4.10, 2023.Q3.1 through 2023.Q3.10 and 7.4 GA through update 92 allows remote attackers to determine if an account exist in the application via the create account page.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50674
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : An issue was discovered in the changePassword method in file /usr/share/php/openmediavault/system/user.inc in OpenMediaVault 7.4.17 allowing local authenticated attackers to escalate privileges to root.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50733 - NextChat AI Chat Interface Cross-Site Scripting (XSS)
CVE ID : CVE-2025-50733
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : NextChat contains a cross-site scripting (XSS) vulnerability in the HTMLPreview component of artifacts.tsx that allows attackers to execute arbitrary JavaScript code when HTML content is rendered in the AI chat interface. The vulnerability occurs because user-influenced HTML from AI responses is rendered in an iframe with 'allow-scripts' sandbox permission without proper sanitization. This can be exploited through specifically crafted prompts that cause the AI to generate malicious HTML/JavaScript code. When a user views the HTML preview, the injected JavaScript executes in the user's browser context, potentially allowing attackers to exfiltrate sensitive information (including API keys stored in localStorage), perform actions on behalf of the user, and steal session data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51605 - Shopizer CORS Misconfiguration Vulnerability
CVE ID : CVE-2025-51605
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : An issue was discovered in Shopizer 3.2.7. The server's CORS implementation reflects the client-supplied Origin header verbatim into Access-Control-Allow-Origin without any whitelist validation, while also enabling Access-Control-Allow-Credentials: true. This allows any malicious origin to make authenticated cross-origin requests and read sensitive responses.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52094 - PDQ Smart Deploy Local Privilege Escalation Vulnerability
CVE ID : CVE-2025-52094
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : Insecure Permissions vulnerability in PDQ Smart Deploy V.3.0.2040 allows a local attacker to execute arbtirary code via the \HKLM\SYSTEM\Setup\SmartDeploy component
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52095
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : An issue in PDQ Smart Deploy V.3.0.2040 allows an attacker to escalate privileges via the Credential encryption routines in SDCommon.dll
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53363
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : dpanel is an open source server management panel written in Go. In versions 1.2.0 through 1.7.2, dpanel allows authenticated users to read arbitrary files from the server via the /api/app/compose/get-from-uri API endpoint. The vulnerability exists in the GetFromUri function in app/application/http/controller/compose.go, where the uri parameter is passed directly to os.ReadFile without proper validation or access control. A logged-in attacker can exploit this flaw to read sensitive files from the host system, leading to information disclosure. No patched version is available as of this writing.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55599
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formWlanSetup function via the parameter f_wds_wepKey.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55602
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formSysCmd function via the submit-url parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55603
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the fromSetSysTime function via the ntpServer parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55605
Published : Aug. 22, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the saveParentControlInfo function via the deviceName parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-33120 - IBM QRadar SIEM Privilege Escalation Vulnerability
CVE ID : CVE-2025-33120
Published : Aug. 22, 2025, 3:15 p.m. | 56 minutes ago
Description : IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated user to escalate their privileges via a misconfigured cronjob due to execution with unnecessary privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36042 - IBM QRadar SIEM Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-36042
Published : Aug. 22, 2025, 3:15 p.m. | 56 minutes ago
Description : IBM QRadar SIEM 7.5 through 7.5.0 Dashboard is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55573 - QuantumNous new-api Remote Cross Site Scripting (XSS)
CVE ID : CVE-2025-55573
Published : Aug. 22, 2025, 3:15 p.m. | 56 minutes ago
Description : QuantumNous new-api v.0.8.5.2 is vulnerable to Cross Site Scripting (XSS).
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2009-10006
Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago
Description : UFO: Alien Invasion versions up to and including 2.2.1 contain a buffer overflow vulnerability in its built-in IRC client component. When the client connects to an IRC server and receives a crafted numeric reply (specifically a 001 message), the application fails to properly validate the length of the response string. This results in a stack-based buffer overflow, which may corrupt control flow structures and allow arbitrary code execution. The vulnerability is triggered during automatic IRC connection handling and does not require user interaction beyond launching the game.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-56179
Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago
Description : In MindManager Windows versions prior to 24.1.150, attackers could potentially write to unexpected directories in victims' machines via directory traversal if victims opened file attachments located in malicious mmap files.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-58239
Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
tls: stop recv() if initial process_rx_list gave us non-DATA
If we have a non-DATA record on the rx_list and another record of the
same type still on the queue, we will end up merging them:
- process_rx_list copies the non-DATA record
- we start the loop and process the first available record since it's
of the same type
- we break out of the loop since the record was not DATA
Just check the record type and jump to the end in case process_rx_list
did some work.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38616 - "Linux TLS ULP Data Disappearance Out-of-Bounds Read"
CVE ID : CVE-2025-38616
Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
tls: handle data disappearing from under the TLS ULP
TLS expects that it owns the receive queue of the TCP socket.
This cannot be guaranteed in case the reader of the TCP socket
entered before the TLS ULP was installed, or uses some non-standard
read API (eg. zerocopy ones). Replace the WARN_ON() and a buggy
early exit (which leaves anchor pointing to a freed skb) with real
error handling. Wipe the parsing state and tell the reader to retry.
We already reload the anchor every time we (re)acquire the socket lock,
so the only condition we need to avoid is an out of bounds read
(not having enough bytes in the socket for previously parsed record len).
If some data was read from under TLS but there's enough in the queue
we'll reload and decrypt what is most likely not a valid TLS record.
Leading to some undefined behavior from TLS perspective (corrupting
a stream? missing an alert? missing an attack?) but no kernel crash
should take place.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38617 - Linux Kernel Packet Netdev Up Event Race Condition
CVE ID : CVE-2025-38617
Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
net/packet: fix a race in packet_set_ring() and packet_notifier()
When packet_set_ring() releases po->bind_lock, another thread can
run packet_notifier() and process an NETDEV_UP event.
This race and the fix are both similar to that of commit 15fe076edea7
("net/packet: fix a race in packet_bind() and packet_notifier()").
There too the packet_notifier NETDEV_UP event managed to run while a
po->bind_lock critical section had to be temporarily released. And
the fix was similarly to temporarily set po->num to zero to keep
the socket unhooked until the lock is retaken.
The po->bind_lock in packet_set_ring and packet_notifier precede the
introduction of git history.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38618
Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
vsock: Do not allow binding to VMADDR_PORT_ANY
It is possible for a vsock to autobind to VMADDR_PORT_ANY. This can
cause a use-after-free when a connection is made to the bound socket.
The socket returned by accept() also has port VMADDR_PORT_ANY but is not
on the list of unbound sockets. Binding it will result in an extra
refcount decrement similar to the one fixed in fcdd2242c023 (vsock: Keep
the binding until socket destruction).
Modify the check in __vsock_bind_connectible() to also prevent binding
to VMADDR_PORT_ANY.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50691
Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago
Description : MCSManager 10.5.3 daemon process runs as a root account by default, and its sensitive data (including tokens and terminal content) is stored in the data directory, readable by all users. Other users on the system can read the daemon's key and use it to log in, leading to privilege escalation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51825
Published : Aug. 22, 2025, 2:15 p.m. | 1 hour, 56 minutes ago
Description : JeecgBoot versions from 3.4.3 up to 3.8.0 were found to contain a SQL injection vulnerability in the /jeecg-boot/online/cgreport/head/parseSql endpoint, which allows bypassing SQL blacklist restrictions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57890 - Pierre Lannoy Sessions Cross-site Scripting
CVE ID : CVE-2025-57890
Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lannoy Sessions allows Stored XSS. This issue affects Sessions: from n/a through 3.2.0.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57891
Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpecommerce Recurring PayPal Donations allows Stored XSS. This issue affects Recurring PayPal Donations: from n/a through 1.8.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57892 - Jeff Starr Simple Statistics for Feeds CSRF Vulnerability
CVE ID : CVE-2025-57892
Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Jeff Starr Simple Statistics for Feeds allows Cross Site Request Forgery. This issue affects Simple Statistics for Feeds: from n/a through 20250322.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57893 - Epsiloncool WP Fast Total Search CSRF Vulnerability
CVE ID : CVE-2025-57893
Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search allows Cross Site Request Forgery. This issue affects WP Fast Total Search: from n/a through 1.79.270.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57894
Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago
Description : Missing Authorization vulnerability in ollybach WPPizza allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPPizza: from n/a through 3.19.8.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57895
Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobWP allows Cross Site Request Forgery. This issue affects JobWP: from n/a through 2.4.3.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57896 - Church Admin Missing Authorization Vulnerability
CVE ID : CVE-2025-57896
Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago
Description : Missing Authorization vulnerability in andy_moyle Church Admin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Church Admin: from n/a through 5.0.26.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9254
Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago
Description : WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to log into the system as arbitrary users by exploiting a specific functionality.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9255
Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago
Description : WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9256
Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago
Description : WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9257
Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago
Description : WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9258
Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago
Description : WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9259
Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago
Description : WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9331
Published : Aug. 22, 2025, 12:15 p.m. | 3 hours, 56 minutes ago
Description : The Spacious theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'welcome_notice_import_handler' function in all versions up to, and including, 1.9.11. This makes it possible for authenticated attackers, with Subscriber-level access and above, to import demo data into the site.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57884
Published : Aug. 22, 2025, 12:15 p.m. | 1 hour, 56 minutes ago
Description : Missing Authorization vulnerability in wpsoul Greenshift allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Greenshift: from n/a through 12.1.1.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57885 - Shahjahan Jewel Fluent Support CSRF Vulnerability
CVE ID : CVE-2025-57885
Published : Aug. 22, 2025, 12:15 p.m. | 1 hour, 56 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel Fluent Support allows Cross Site Request Forgery. This issue affects Fluent Support: from n/a through 1.9.1.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57886 - Equalize Digital Accessibility Checker Authorization Bypass
CVE ID : CVE-2025-57886
Published : Aug. 22, 2025, 12:15 p.m. | 1 hour, 56 minutes ago
Description : Authorization Bypass Through User-Controlled Key vulnerability in Equalize Digital Accessibility Checker by Equalize Digital allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Accessibility Checker by Equalize Digital: from n/a through 1.30.0.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57887
Published : Aug. 22, 2025, 12:15 p.m. | 1 hour, 56 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NooTheme Jobmonster allows Stored XSS. This issue affects Jobmonster: from n/a through 4.8.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57888 - NooTheme Jobmonster Information Disclosure
CVE ID : CVE-2025-57888
Published : Aug. 22, 2025, 12:15 p.m. | 1 hour, 56 minutes ago
Description : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NooTheme Jobmonster allows Retrieve Embedded Sensitive Data. This issue affects Jobmonster: from n/a through 4.8.0.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9340 - Bouncy Castle for Java BC-FIPS Out-of-Bounds Write Vulnerability
CVE ID : CVE-2025-9340
Published : Aug. 22, 2025, 10:15 a.m. | 3 hours, 56 minutes ago
Description : Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All (API modules). This vulnerability is associated with program files org/bouncycastle/jcajce/provider/BaseCipher.
This issue affects Bouncy Castle for Java: from BC-FJA 2.1.0 through 2.1.0.
Severity: 0.0 | NONE
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9341 - Bouncy Castle for Java FIPS: Uncontrolled Resource Consumption in AESNativeCBC Java API
CVE ID : CVE-2025-9341
Published : Aug. 22, 2025, 9:15 a.m. | 4 hours, 56 minutes ago
Description : Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java.
This issue affects Bouncy Castle for Java FIPS: from BC-FJA 2.1.0 through 2.1.0.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8678
Published : Aug. 22, 2025, 8:15 a.m. | 5 hours, 56 minutes ago
Description : The WP Crontrol plugin for WordPress is vulnerable to Server-Side Request Forgery in versions 1.17.0 to 1.19.1 via the 'wp_remote_request' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57699 - Western Digital Kitfox for Windows Unquoted Service Path Privilege Escalation Vulnerability
CVE ID : CVE-2025-57699
Published : Aug. 22, 2025, 7:15 a.m. | 6 hours, 56 minutes ago
Description : Western Digital Kitfox for Windows provided by Western Digital Corporation registers a Windows service with an unquoted file path.
A user with the write permission on the root directory of the system drive may execute arbitrary code with the SYSTEM privilege.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Appel à manifestation d‘intérêt : renforcement de l’accompagnement local aux enjeux cyber
Appel à manifestation d‘intérêt : renforcement de l’accompagnement local aux enjeux cyber
anssiadm
L'ANSSI ouvre un appel à manifestation d‘intérêt (AMI) pour le renforcement de l’accompagnement local aux enjeux de cybersécurité, du 22 août au 15 septembre 2025.
En tant qu’autorité nationale en matière de cybersécurité et de cyberdéfense, l’Agence nationale de la sécurité des systèmes d’information (ANSSI) prépare et accompagne la montée en maturité cyber de la Nation.
La prochaine transposition en droit français de la directive européenne NIS2, face à la démultiplication de la menace cyber et au constat de la généralisation des attaques via la chaîne de sous-traitance, introduit la nécessité de démultiplier les capacités d’assistance et d’accompagnement pour encore mieux prendre en compte la totalité du tissu économique, institutionnel et social, notamment dans les territoires. Si ces nouveaux bénéficiaires peuvent compter sur l’émergence actuelle de nombreuses entités pour les appuyer dans ces territoires, ils tireraient néanmoins profit d’un travail de renforcement et de mise en cohérence du dispositif d’accompagnement de proximité.
Les objectifs de l’appel à manifestation d’intérêt
Ce projet de financement souhaite encourager les initiatives permettant de renforcer le dispositif national de cyberdéfense développé dans la Revue nationale stratégique. Par cet intermédiaire, l’objectif est de pouvoir élever le niveau général de cybersécurité au profit des entités les plus vulnérables aux cyberattaques par un accompagnement cyber de proximité. Celui-ci doit également se traduire dans une démarche d’assistance lors de la survenance d’une cyberattaque que ce soit autant sur les démarches réglementaires que techniques et opérationnelles.
Le planning prévisionnel de l’AMI
22 août 2025 : ouverture de l’AMI.
15 septembre 2025 à 12 heures (heure de Paris) : clôture de l’AMI.
Du 15 septembre au 22 septembre 2025 : instruction des dossiers déposés.
Retrouvez l’ensemble des modalités de l’AMI dans le document disponible ci-dessous.
CVE ID : CVE-2025-8281
Published : Aug. 22, 2025, 6:15 a.m. | 7 hours, 56 minutes ago
Description : The WP Talroo WordPress plugin through 2.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin and unauthenticated users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41452 - Danfoss AK-SM8xxA Series Web Interface Configuration Setting Vulnerability
CVE ID : CVE-2025-41452
Published : Aug. 22, 2025, 3:15 a.m. | 10 hours, 56 minutes ago
Description : Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow for a denial of service attack induced by improper handling of exceptional conditions
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41451 - Danfoss AK-SM8xxA Series Command Injection
CVE ID : CVE-2025-41451
Published : Aug. 22, 2025, 3:15 a.m. | 8 hours, 58 minutes ago
Description : Improper neutralization of alarm-to-mail configuration fields used in an OS shell Command ('Command Injection') in Danfoss AK-SM8xxA Series prior to version 4.3.1, leading to a potential post-authenticated remote code execution on an attacked system.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43752 - Liferay Portal File Upload Denial of Service (DoS) Vulnerability
CVE ID : CVE-2025-43752
Published : Aug. 22, 2025, 1:16 a.m. | 10 hours, 57 minutes ago
Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.4, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the object entries attachment fields, the files are stored in the document_library allowing an attacker to cause a potential DDoS.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-3948
Published : Aug. 21, 2025, 11:15 p.m. | 12 hours, 58 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-4131 - CVE-2022-1234: OpenSSL SSL/TLS Denial of Service
CVE ID : CVE-2023-4131
Published : Aug. 21, 2025, 11:15 p.m. | 12 hours, 58 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-4143
Published : Aug. 21, 2025, 11:15 p.m. | 12 hours, 58 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43753
Published : Aug. 21, 2025, 11:15 p.m. | 12 hours, 58 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.32 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 update 32 through update 92 allows an remote authenticated user to inject JavaScript into the embedded message field from the form container.
Severity: 2.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2009-20004 - GAlan Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2009-20004
Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago
Description : gAlan 0.2.1, a modular audio processing environment for Windows, is vulnerable to a stack-based buffer overflow when parsing .galan files. The application fails to properly validate the length of input data, allowing a specially crafted file to overwrite the stack and execute arbitrary code. Exploitation requires local interaction, typically by convincing a user to open the malicious file.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2010-20007
Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago
Description : Seagull FTP Client <= v3.3 Build 409 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long filename, the application fails to properly validate input length, resulting in a buffer overflow that overwrites the Structured Exception Handler (SEH). This may allow remote attackers to execute arbitrary code on the client system. This product line was discontinued and users were advised to use BlueZone Secure FTP instead, at the time of disclosure.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2010-20034
Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago
Description : Gekko Manager FTP Client <= 0.77 contains a stack-based buffer overflow in its FTP directory listing parser. When processing a server response to a LIST command, the client fails to properly validate the length of filenames. A crafted response containing an overly long filename can overwrite the Structured Exception Handler (SEH), potentially allowing remote code execution.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2010-20107 - FTP Synchronizer Professional FTP Server Stack-Based Buffer Overflow
CVE ID : CVE-2010-20107
Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago
Description : A stack-based buffer overflow exists in FTP Synchronizer Professional <= v4.0.73.274. When the client connects to an FTP server and issues a LIST command—typically during sync preview or profile creation—the server’s response containing an overly long filename triggers a buffer overflow. This results in the corruption of the Structured Exception Handler (SEH), potentially allowing remote code execution.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2010-20108
Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago
Description : FTPPad <= 1.2.0 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long directory and filename, the application fails to properly validate input length. This results in a buffer overflow that overwrites the saved Extended Instruction Pointer (EIP), allowing remote attackers to execute arbitrary code.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2010-20113 - EasyFTP Server Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2010-20113
Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago
Description : EasyFTP Server 1.7.0.11 and earlier contains a stack-based buffer overflow vulnerability in its HTTP interface. When processing a GET request to list.html, the server fails to properly validate the length of the path parameter. Supplying an excessively long value causes a buffer overflow on the stack, potentially corrupting control flow structures. The vulnerability is exposed through the embedded web server and does not require authentication due to default anonymous access. The issue was resolved in version 1.7.0.12, after which the product was renamed to UplusFtp.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2010-20114 - VariCAD EN Stack-Based Buffer Overflow
CVE ID : CVE-2010-20114
Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago
Description : VariCAD EN up to and including version 2010-2.05 is vulnerable to a stack-based buffer overflow when parsing .dwb drawing files. The application fails to properly validate the length of input data embedded in the file, allowing a crafted .dwb file to overwrite critical memory structures. This flaw can be exploited locally by convincing a user to open a malicious file, resulting in arbitrary code execution.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2010-20115
Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago
Description : Arcane Software’s Vermillion FTP Daemon (vftpd) versions up to and including 1.31 contains a memory corruption vulnerability triggered by a malformed FTP PORT command. The flaw arises from an out-of-bounds array access during input parsing, allowing an attacker to manipulate stack memory and potentially execute arbitrary code. Exploitation requires direct access to the FTP service and is constrained by a single execution attempt if the daemon is installed as a Windows service.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2010-20120 - Maple Maplet Remote Code Execution
CVE ID : CVE-2010-20120
Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago
Description : Maple versions up to and including 13's Maplet framework allows embedded commands to be executed automatically when a .maplet file is opened. This behavior bypasses standard security restrictions that normally prevent code execution in regular Maple worksheets. The vulnerability enables attackers to craft malicious .maplet files that execute arbitrary code without user interaction.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2010-20122
Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago
Description : Xftp FTP Client version up to and including 3.0 (build 0238) contain a stack-based buffer overflow vulnerability triggered by a maliciously crafted PWD response from an FTP server. When the client connects to a server and receives an overly long directory string in response to the PWD command, the client fails to properly validate the length of the input before copying it into a fixed-size buffer. This results in memory corruption and allows remote attackers to execute arbitrary code on the client system.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2010-20123
Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago
Description : Steinberg MyMP3Player version 3.0 (build 3.0.0.67) is vulnerable to a stack-based buffer overflow when parsing .m3u playlist files. The application fails to properly validate the length of input data within the playlist, allowing a specially crafted file to overwrite critical memory structures and execute arbitrary code. This vulnerability can be exploited locally by convincing a user to open a malicious .m3u file.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43747
Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago
Description : A server-side request forgery (SSRF) vulnerability exists in the Liferay DXP 2025.Q2.0 through 2025.Q2.3 due to insecure domain validation on analytics.cloud.domain.allowed, allowing an attacker to perform requests by change the domain and bypassing the validation method, this insecure validation is not distinguishing between trusted subdomains and malicious domains.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51606
Published : Aug. 21, 2025, 9:15 p.m. | 14 hours, 58 minutes ago
Description : hippo4j 1.0.0 to 1.5.0, uses a hard-coded secret key in its JWT (JSON Web Token) creation. This allows attackers with access to the source code or compiled binary to forge valid access tokens and impersonate any user, including privileged ones such as "admin". The vulnerability poses a critical security risk in systems where authentication and authorization rely on the integrity of JWTs.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2009-20003 - Xenorate Windows Multimedia Player Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2009-20003
Published : Aug. 21, 2025, 9:15 p.m. | 12 hours, 45 minutes ago
Description : Xenorate versions up to and including 2.50, a Windows-based multimedia player, is vulnerable to a stack-based buffer overflow when processing .xpl playlist files. The application fails to properly validate the length of input data, allowing an attacker to craft a malicious .xpl file that overwrites the Structured Exception Handler (SEH) and enables arbitrary code execution. Exploitation requires local interaction, typically by convincing a user to open the crafted file.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2009-20002 - Millenium MP3 Studio Stack-Based Buffer Overflow
CVE ID : CVE-2009-20002
Published : Aug. 21, 2025, 9:15 p.m. | 11 hours, 40 minutes ago
Description : Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites the Structured Exception Handler (SEH) and executes arbitrary code. Exploitation requires the victim to open the file locally, though remote execution may be possible if the .pls extension is registered to the application and opened via a browser.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55231 - Microsoft Windows Storage Race Condition Remote Code Execution
CVE ID : CVE-2025-55231
Published : Aug. 21, 2025, 8:15 p.m. | 11 hours, 50 minutes ago
Description : Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Storage allows an unauthorized attacker to execute code over a network.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55230 - Microsoft Windows MBT Transport Driver Untrusted Pointer Dereference Privilege Escalation Vulnerability
CVE ID : CVE-2025-55230
Published : Aug. 21, 2025, 8:15 p.m. | 10 hours, 40 minutes ago
Description : Untrusted pointer dereference in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55229 - Microsoft Windows Certificate Spoofing Vulnerability
CVE ID : CVE-2025-55229
Published : Aug. 21, 2025, 8:15 p.m. | 9 hours, 50 minutes ago
Description : Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over a network.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55106
Published : Aug. 21, 2025, 8:15 p.m. | 6 hours, 39 minutes ago
Description : There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high. The attack could disclose a privileged token which may result in the attacker gaining full control of the Portal.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55107
Published : Aug. 21, 2025, 8:15 p.m. | 6 hours, 39 minutes ago
Description : There is a stored
Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites
versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to
inject malicious a file with an embedded xss script which when loaded could
potentially execute arbitrary JavaScript code in the victim’s browser. The
privileges required to execute this attack are high. The attack could
disclose a privileged token which may result in the attacker gaining full
control of the Portal.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55105
Published : Aug. 21, 2025, 8:15 p.m. | 4 hours, 39 minutes ago
Description : There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high. The attack could disclose a privileged token which may result in the attacker gaining full control of the Portal.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53795 - Microsoft PC Manager Privilege Escalation Vulnerability
CVE ID : CVE-2025-53795
Published : Aug. 21, 2025, 8:15 p.m. | 1 hour, 49 minutes ago
Description : Improper authorization in Microsoft PC Manager allows an unauthorized attacker to elevate privileges over a network.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54460
Published : Aug. 21, 2025, 8:15 p.m. | 1 hour, 49 minutes ago
Description : The vulnerability, if exploited, could allow an authenticated miscreant
(with privileges to create or access publication targets of type Text
File or HDFS) to upload and persist files that could potentially be
executed.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55103 - Esri Portal for ArcGIS Enterprise Sites Stored XSS
CVE ID : CVE-2025-55103
Published : Aug. 21, 2025, 8:15 p.m. | 1 hour, 49 minutes ago
Description : There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.9.1 – 11.4 that may allow a remote, authenticated attacker to inject malicious a file with an embedded xss script which when loaded could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high. The attack could disclose a privileged token which may result in the attacker gaining full control of the Portal.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55104 - ArcGIS HUB and ArcGIS Enterprise Sites Stored XSS
CVE ID : CVE-2025-55104
Published : Aug. 21, 2025, 8:15 p.m. | 1 hour, 49 minutes ago
Description : A stored cross-site scripting (XSS) vulnerability exists ArcGIS HUB and ArcGIS Enterprise Sites which allows an authenticated user with the ability to create or edit a site to add and store an XSS payload. If this stored XSS payload is triggered by any user attacker supplied JavaScript may execute in the victim's browser.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2010-10015
Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago
Description : AOL versions up to and including 9.5 includes an ActiveX control (Phobos.dll) that exposes a method called Import() via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation allows remote attackers to execute arbitrary code in the context of the user, but only when the malicious HTML file is opened locally, due to the control not being marked safe for scripting or initialization. AOL remains an active and supported brand offering services like AOL Mail and AOL Desktop Gold, but the legacy AOL 9.5 desktop software—specifically the version containing the vulnerable Phobos.dll ActiveX control—is long discontinued and no longer maintained.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2010-20109
Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago
Description : Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the view_help.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal sequences and null-byte terminators to access arbitrary files on the underlying system. By exploiting this flaw, unauthenticated remote attackers can retrieve sensitive configuration files such as /mail/snapshot/config.snapshot, potentially exposing credentials, internal settings, and other critical data.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2010-20111 - Digital Music Pad Buffer Overflow Vulnerability
CVE ID : CVE-2010-20111
Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago
Description : Digital Music Pad v8.2.3.3.4 contains a stack-based buffer overflow vulnerability in its playlist file parser. When opening a .pls file containing an excessively long string in the File1 field, the application fails to properly validate input length, resulting in corruption of the Structured Exception Handler (SEH) on the stack. This flaw may allow an attacker to control execution flow when the file is opened, potentially leading to arbitrary code execution.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2010-20112 - Amlib NetOpacs Webquery.dll Stack Buffer Overflow and Control Flow Vulnerability
CVE ID : CVE-2010-20112
Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago
Description : Amlib’s NetOpacs webquery.dll contains a stack-based buffer overflow vulnerability triggered by improper handling of HTTP GET parameters. Specifically, the application fails to enforce bounds on input supplied to the app parameter, allowing excessive data to overwrite memory structures including the Structured Exception Handler (SEH). Additionally, malformed parameter names followed by an equals sign may result in unintended control flow behavior. This vulnerability is exposed through IIS and affects legacy Windows deployments
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2010-20119 - CommuniCrypt Mail Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2010-20119
Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago
Description : CommuniCrypt Mail versions up to and including 1.16 contains a stack-based buffer overflow vulnerability in its ANSMTP.dll and AOSMTP.dll ActiveX controls, specifically within the AddAttachments() method. This method fails to properly validate the length of input strings, allowing data to exceed the bounds of a fixed-size stack buffer. When invoked with an overly long string, the control can corrupt adjacent memory structures, including exception handlers, leading to potential control flow disruption.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2010-20121 - EasyFTP Server Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2010-20121
Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago
Description : EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability in the FTP command parser. When processing the CWD (Change Working Directory) command, the server fails to properly validate the length of the input string, allowing attackers to overwrite memory on the stack. This flaw enables remote code execution without authentication, as EasyFTP allows anonymous access by default. The vulnerability was resolved in version 1.7.0.12, after which the product was renamed “UplusFtp.”
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24489
Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago
Description : An attacker could exploit this vulnerability by uploading arbitrary
files via a specific service, which could lead to system compromise.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27714
Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago
Description : An attacker could exploit this vulnerability by uploading arbitrary
files via the a specific endpoint, leading to unauthorized remote code
execution or system compromise.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27721 - INFINITT PACS Unauthenticated System Manager Access
CVE ID : CVE-2025-27721
Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago
Description : Unauthorized users can access INFINITT PACS System Manager without proper authorization,
which could lead to unauthorized access to system resources.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3128 - Mitsubishi Electric smartRTU Remote Command Execution
CVE ID : CVE-2025-3128
Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago
Description : A remote unauthenticated attacker who has bypassed authentication could
execute arbitrary OS commands to disclose, tamper with, destroy or
delete information in Mitsubishi Electric smartRTU, or cause a denial-of
service condition on the product.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41415 - Adobe Publication Target Information Disclosure
CVE ID : CVE-2025-41415
Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago
Description : The vulnerability, if exploited, could allow an authenticated miscreant
(with privileges to access publication targets) to retrieve sensitive
information that could then be used to gain additional access to
downstream resources.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51989 - Evolution Consulting Kft. HRmaster HTML Injection Vulnerability
CVE ID : CVE-2025-51989
Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago
Description : HTML injection vulnerability in the registration interface in Evolution Consulting Kft. HRmaster module v235 allows an attacker to inject HTML tags into the "keresztnév" (firstname) field, which will be sent out in an email resulting in possible Phishing scenarios against any, previously not registered, email address.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53763
Published : Aug. 21, 2025, 8:15 p.m. | 38 minutes ago
Description : Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges over a network.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38742 - Dell iDRAC Service Module (iSM) Local Code Execution
CVE ID : CVE-2025-38742
Published : Aug. 21, 2025, 7:15 p.m. | 54 minutes ago
Description : Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38743 - Dell iDRAC Buffer Access with Incorrect Length Value Elevation of Privileges
CVE ID : CVE-2025-38743
Published : Aug. 21, 2025, 7:15 p.m. | 54 minutes ago
Description : Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57751
Published : Aug. 21, 2025, 7:15 p.m. | 54 minutes ago
Description : pyLoad is the free and open-source Download Manager written in pure Python. The jk parameter is received in pyLoad CNL Blueprint. Due to the lack of jk parameter verification, the jk parameter input by the user is directly determined as dykpy.evaljs(), resulting in the server CPU being fully occupied and the web-ui becoming unresponsive. This vulnerability is fixed in 0.5.0b3.dev92.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-50641
Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago
Description : An authentication bypass vulnerability in PandoraNext-TokensTool v0.6.8 and before. An attacker can exploit this vulnerability to access API without any token.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43754 - Liferay Portal/Boundary Information Disclosure
CVE ID : CVE-2025-43754
Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago
Description : Username enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows attackers to determine if an account exist in the application by inspecting the server processing time of the login request.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52351 - Aikaan IoT Management Platform Password Disclosure
CVE ID : CVE-2025-52351
Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago
Description : Aikaan IoT management platform v3.25.0325-5-g2e9c59796 sends a newly generated password to users in plaintext via email and also includes the same password as a query parameter in the account activation URL (e.g., https://domain.com/activate=xyz). This practice can result in password exposure via browser history, proxy logs, referrer headers, and email caching. The vulnerability impacts user credential confidentiality during initial onboarding.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52352 - Aikaan IoT Management Platform Sign-up API Authentication Bypass
CVE ID : CVE-2025-52352
Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago
Description : Aikaan IoT management platform v3.25.0325-5-g2e9c59796 provides a configuration to disable user sign-up in distributed deployments by hiding the sign-up option on the login page UI. However, the sign-up API endpoint remains publicly accessible and functional, allowing unauthenticated users to register accounts via APIs even when the feature is disabled. This leads to authentication bypass and unauthorized access to admin portals, violating intended access controls.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55523
Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago
Description : An issue in the component /api/download_work_dir_file.py of Agent-Zero v0.8.* allows attackers to execute a directory traversal.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55524
Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago
Description : Insecure permissions in Agent-Zero v0.8.* allow attackers to arbitrarily reset the system via unspecified vectors.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57768
Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago
Description : Phproject is a high performance full-featured project management system. From 1.8.0 to before 1.8.3, a Stored Cross-Site Scripting (XSS) vulnerability exists in the Planned Hours field when creating a new project. When sending a POST request to /issues/new/, the value provided in the Planned Hours field is included in the server response without any HTML encoding or sanitization. Because of this, an attacker can craft a malicious payload such as and include it in the planned_hours parameter. The server reflects the input directly in the HTML of the project creation page, causing the browser to interpret and execute it. This vulnerability is fixed in 1.8.3.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7051
Published : Aug. 21, 2025, 6:15 p.m. | 1 hour, 54 minutes ago
Description : On N-central, it is possible for any authenticated user to read, write and modify syslog configuration across customers on an N-central server. This vulnerability is present in all deployments of N-central prior to 2025.2.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55522
Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago
Description : Cross-site scripting (XSS) vulnerability in the component /common/reports of Akaunting v3.1.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57754 - Supabase URI Exposure in eslint-ban-moment
CVE ID : CVE-2025-57754
Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago
Description : eslint-ban-moment is an Eslint plugin for final assignment in VIHU. In 3.0.0 and earlier, a sensitive Supabase URI is exposed in .env. A valid Supabase URI with embedded username and password will allow an attacker complete unauthorized access and control over database and user data. This could lead to data exfiltration, modification or deletion.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57755 - Claude-code-router CORS Credential Exposure
CVE ID : CVE-2025-57755
Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago
Description : claude-code-router is a powerful tool to route Claude Code requests to different models and customize any request. Due to improper Cross-Origin Resource Sharing (CORS) configuration, there is a risk that user API Keys or equivalent credentials may be exposed to untrusted domains. Attackers could exploit this misconfiguration to steal credentials, abuse accounts, exhaust quotas, or access sensitive data. The issue has been patched in v1.0.34.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57761 - WeGIA Web Manager SQL Injection Vulnerability
CVE ID : CVE-2025-57761
Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago
Description : WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependente_remover.php endpoint, specifically in the id_funcionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This vulnerability is fixed in 3.4.10.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57762 - WeGIA Web Manager Stored Cross-Site Scripting (XSS) Vulnerability
CVE ID : CVE-2025-57762
Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago
Description : WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Stored Cross-Site Scripting (XSS) vulnerability in the dependente_docdependente.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the nome parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.4.7.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57763 - WeGIA Web Manager Reflected Cross-Site Scripting (XSS)
CVE ID : CVE-2025-57763
Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago
Description : WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Reflected Cross-Site Scripting (XSS) vulnerability in the insere_despacho.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the cpf sccs. This vulnerability is fixed in 3.4.7.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57764 - WeGIA Web Manager Reflected Cross-Site Scripting (XSS)
CVE ID : CVE-2025-57764
Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago
Description : WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, a Reflected Cross-Site Scripting (XSS) vulnerability was identified in the cargos.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_e parameter. This vulnerability is fixed in 3.4.7.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57765 - WeGIA Web Manager Reflected Cross-Site Scripting (XSS) Vulnerability
CVE ID : CVE-2025-57765
Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago
Description : WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, a Reflected Cross-Site Scripting (XSS) vulnerability was identified in the pre_cadastro_adotante.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_e parameter. This vulnerability is fixed in 3.4.7.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6465
Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago
Description : Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 10.10.x <= 10.10.0, 10.9.x <= 10.9.3 fail to sanitize file names which allows users with file upload permission to overwrite file attachment thumbnails via path traversal in file streaming APIs.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7969
Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago
Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in markdown-it allows Cross-Site Scripting (XSS). This vulnerability is associated with program files lib/renderer.mjs.
This issue affects markdown-it: 14.1.0.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8402 - Mattermost Server Denial of Service Vulnerability
CVE ID : CVE-2025-8402
Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago
Description : Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.10.x <= 10.10.0, 10.9.x <= 10.9.3 fail to validate import data which allows a system admin to crash the server via the bulk import feature.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9309 - Tenda MD5 Hash Handler Local Hard-Coded Credentials Vulnerability
CVE ID : CVE-2025-9309
Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago
Description : A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file /etc_ro/shadow of the component MD5 Hash Handler. Performing manipulation results in hard-coded credentials. The attack needs to be approached locally. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The exploit has been made public and could be used.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9310
Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago
Description : A vulnerability was determined in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. Affected by this vulnerability is an unknown functionality of the file /carRental_war/druid/login.html of the component Druid. Executing manipulation can lead to hard-coded credentials. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9311 - iSourcecode Apartment Management System SQL Injection
CVE ID : CVE-2025-9311
Published : Aug. 21, 2025, 5:15 p.m. | 2 hours, 54 minutes ago
Description : A vulnerability was identified in itsourcecode Apartment Management System 1.0. Affected by this issue is some unknown functionality of the file /fair/addfair.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-45438
Published : Aug. 21, 2025, 5:15 p.m. | 54 minutes ago
Description : An issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8.01.x before 8.01.14. The file quarantine.php within the SpamTitan interface allows unauthenticated users to trigger account-level actions using a crafted GET request. Notably, when a non-existent email address is provided as part of the email parameter, SpamTitan will automatically create a user record and associate quarantine settings with it - all without requiring authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43755
Published : Aug. 21, 2025, 5:15 p.m. | 54 minutes ago
Description : A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.0 t through 7.4.3.132, and Liferay DXP 2025.Q2.0, 2025.Q1.0 through 2025.Q1.13, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.17 and 7.4 GA through update 92 allows an remote authenticated attacker to inject JavaScript into the _com_liferay_layout_admin_web_portlet_GroupPagesPortlet_type parameter.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43756
Published : Aug. 21, 2025, 5:15 p.m. | 54 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.15, 2025.Q2.0 through 2025.Q2.2 and 2024.Q1.13 through 2024.Q1.19 allows a remote authenticated user to inject JavaScript code via snippet parameter.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55521 - Akaunting Settings Localisation Denial of Service (DoS)
CVE ID : CVE-2025-55521
Published : Aug. 21, 2025, 5:15 p.m. | 54 minutes ago
Description : An issue in the component /settings/localisation of Akaunting v3.1.18 allows authenticated attackers to cause a Denial of Service (DoS) via a crafted POST request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55743
Published : Aug. 21, 2025, 4:15 p.m. | 1 hour, 54 minutes ago
Description : UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy like Burp suite. Make changes to the file extension and content. The vulnerability is fixed in 0.2.1.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55744
Published : Aug. 21, 2025, 4:15 p.m. | 1 hour, 54 minutes ago
Description : UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, some of the endpoints of the application is vulnerable to Cross site Request forgery (CSRF). This vulnerability is fixed in 0.2.1.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57753
Published : Aug. 21, 2025, 4:15 p.m. | 1 hour, 54 minutes ago
Description : vite-plugin-static-copy is rollup-plugin-copy for Vite with dev server support. Files not included in src are accessible with a crafted request. The vulnerability is fixed in 2.3.2 and 3.1.2.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9162
Published : Aug. 21, 2025, 4:15 p.m. | 1 hour, 54 minutes ago
Description : A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource substitutes placeholders within imported realm documents, potentially referencing environment variables. This substitution process
allows for injection attacks when crafted realm documents are processed. An attacker can leverage this to inject malicious content during the realm import procedure. This can lead to unintended consequences within the Keycloak environment.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9306 - SourceCodester Advanced School Management System Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-9306
Published : Aug. 21, 2025, 4:15 p.m. | 1 hour, 54 minutes ago
Description : A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/notice/addNotice. The manipulation of the argument noticeSubject results in cross site scripting. It is possible to launch the attack remotely. The exploit is now public and may be used.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9307
Published : Aug. 21, 2025, 4:15 p.m. | 1 hour, 54 minutes ago
Description : A flaw has been found in PHPGurukul Online Course Registration 3.1. This affects an unknown function of the file /admin/session.php. This manipulation of the argument sesssion causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9308
Published : Aug. 21, 2025, 4:15 p.m. | 1 hour, 54 minutes ago
Description : A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This impacts the function setOptions of the file src/util/request-manager.js. Such manipulation leads to inefficient regular expression complexity. Local access is required to approach this attack. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-48956 - Apache vLLM HTTP Header DoS Vulnerability
CVE ID : CVE-2025-48956
Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago
Description : vLLM is an inference and serving engine for large language models (LLMs). From 0.1.0 to before 0.10.1.1, a Denial of Service (DoS) vulnerability can be triggered by sending a single HTTP GET request with an extremely large header to an HTTP endpoint. This results in server memory exhaustion, potentially leading to a crash or unresponsiveness. The attack does not require authentication, making it exploitable by any remote user. This vulnerability is fixed in 0.10.1.1.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50860 - Easy Hosting Control Panel SQL Injection
CVE ID : CVE-2025-50860
Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago
Description : SQL Injection in the listdomains function in Easy Hosting Control Panel (EHCP) 20.04.1.b allows authenticated attackers to access or manipulate database contents via the arananalan POST parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52194
Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago
Description : A buffer overflow vulnerability exists in libsndfile version 1.2.2 and potentially earlier versions when processing malformed IRCAM audio files. The vulnerability occurs in the ircam_read_header function at src/ircam.c:164 during sample rate processing, leading to memory corruption and potential code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53251
Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago
Description : Unrestricted Upload of File with Dangerous Type vulnerability in An-Themes Pin WP allows Upload a Web Shell to a Web Server.This issue affects Pin WP: from n/a through 6.9.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55297
Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago
Description : ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. The BluFi example bundled in ESP-IDF was vulnerable to memory overflows in two areas: Wi-Fi credential handling and Diffie–Hellman key exchange. This vulnerability is fixed in 5.4.1, 5.3.3, 5.1.6, and 5.0.9.
Severity: 5.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55371 - jshERP Insecure Direct Object Reference (IDOR)
CVE ID : CVE-2025-55371
Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago
Description : Incorrect access control in the component /controller/PersonController.java of jshERP v3.5 allows unauthorized attackers to obtain all the information of the handler by executing the getAllList method.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55383
Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago
Description : Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows attackers to upload files of any extension to any location on the target server.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9303 - TOTOLINK A720R Buffer Overflow in setParentalRules
CVE ID : CVE-2025-9303
Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago
Description : A security flaw has been discovered in TOTOLINK A720R 4.1.5cu.630_B20250509. This issue affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. Performing manipulation of the argument desc results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9304 - SourceCodester Online Bank Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9304
Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago
Description : A weakness has been identified in SourceCodester Online Bank Management System 1.0. Impacted is an unknown function of the file /bank/show.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be performed from a remote location. The exploit has been made available to the public and could be exploited.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9305 - SourceCodester Online Bank Management System SQL Injection
CVE ID : CVE-2025-9305
Published : Aug. 21, 2025, 3:15 p.m. | 53 minutes ago
Description : A security vulnerability has been detected in SourceCodester Online Bank Management System 1.0. The affected element is an unknown function of the file /bank/mnotice.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34158 - Plex Media Server Remote Code Execution Vulnerability
CVE ID : CVE-2025-34158
Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : Plex Media Server (PMS) versions 1.41.7.x through 1.42.0.x are affected by an unspecified security vulnerability reported via Plex’s bug bounty program. While technical details have not been publicly disclosed, the issue was acknowledged by the vendor and resolved in version 1.42.1. The vulnerability may have posed a risk to system integrity, confidentiality, or availability, prompting a strong recommendation for all users to upgrade immediately.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51818
Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago
Description : MCCMS 2.7.0 is vulnerable to Arbitrary file deletion in the Backups.php component. This allows an attacker to execute arbitrary commands
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55366 - jshERP Unauthenticated User Password Reset and Privilege Escalation
CVE ID : CVE-2025-55366
Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago
Description : Incorrect access control in the component \controller\UserController.java of jshERP v3.5 allows attackers to arbitrarily reset user account passwords and execute a horizontal privilege escalation attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55367 - jshERP Arbitrary Supplier Status Modification Vulnerability
CVE ID : CVE-2025-55367
Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago
Description : Incorrect access control in the component \controller\SupplierController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55368 - jshERP Unauthenticated Supplier Status Modification Vulnerability
CVE ID : CVE-2025-55368
Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago
Description : Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55370
Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago
Description : Incorrect access control in the component \controller\ResourceController.java of jshERP v3.5 allows unauthorized attackers to obtain all the corresponding ID data by modifying the ID value.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55564 - Tenda AC15 Denial of Service (DoS) Stack Overflow
CVE ID : CVE-2025-55564
Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago
Description : Tenda AC15 v15.03.05.19_multi_TD01 has a stack overflow via the list parameter in the fromSetIpMacBind function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9301 - "CMake Local Assertion Vulnerability"
CVE ID : CVE-2025-9301
Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago
Description : A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This affects the function cmForEachFunctionBlocker::ReplayItems of the file cmForEachCommand.cxx. This manipulation causes reachable assertion. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Patch name: 37e27f71bc356d880c908040cd0cb68fa2c371b8. It is suggested to install a patch to address this issue.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9302 - PHPGurukul User Management System SQL Injection
CVE ID : CVE-2025-9302
Published : Aug. 21, 2025, 2:15 p.m. | 1 hour, 52 minutes ago
Description : A vulnerability was identified in PHPGurukul User Management System 1.0. This vulnerability affects unknown code of the file /signup.php. Such manipulation of the argument emailid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47184
Published : Aug. 21, 2025, 1:15 p.m. | 2 hours, 53 minutes ago
Description : An XML external entities (XXE) injection vulnerability in the /init API endpoint in Exagid EX10 7.0.1p02 allows an authenticated, unprivileged attacker to achieve information disclosure and privilege escalation via a crafted ISys XML message.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9297
Published : Aug. 21, 2025, 1:15 p.m. | 2 hours, 53 minutes ago
Description : A vulnerability was detected in Tenda i22 1.0.0.3(4687). This impacts the function formWeixinAuthInfoGet of the file /goform/wxportalauth. Performing manipulation of the argument Type results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9298
Published : Aug. 21, 2025, 1:15 p.m. | 2 hours, 53 minutes ago
Description : A flaw has been found in Tenda M3 1.0.0.12. Affected is the function formQuickIndex of the file /goform/QuickIndex. Executing manipulation of the argument PPPOEPassword can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9299
Published : Aug. 21, 2025, 1:15 p.m. | 2 hours, 53 minutes ago
Description : A vulnerability has been found in Tenda M3 1.0.0.12. Affected by this vulnerability is the function formGetMasterPassengerAnalyseData of the file /goform/getMasterPassengerAnalyseData. The manipulation of the argument Time leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9300 - Saitoha Libsixel Local Stack-Based Buffer Overflow
CVE ID : CVE-2025-9300
Published : Aug. 21, 2025, 1:15 p.m. | 2 hours, 53 minutes ago
Description : A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixel_debug_print_palette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local position. The exploit has been made public and could be used. The patch is identified as 316c086e79d66b62c0c4bc66229ee894e4fdb7d1. Applying a patch is advised to resolve this issue.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9296 - Emlog Pro Unrestricted File Upload Vulnerability
CVE ID : CVE-2025-9296
Published : Aug. 21, 2025, 12:15 p.m. | 3 hours, 53 minutes ago
Description : A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown function of the file /admin/blogger.php?action=update_avatar. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8064
Published : Aug. 21, 2025, 10:15 a.m. | 3 hours, 53 minutes ago
Description : The Bible SuperSearch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘selector_height’ parameter in all versions up to, and including, 6.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47700
Published : Aug. 21, 2025, 8:15 a.m. | 5 hours, 53 minutes ago
Description : Mattermost Server versions 10.5.x <= 10.5.9 utilizing the Agents plugin fail to reject empty request bodies which allows users to trick users into clicking malicious links via post actions
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47870 - Mattermost Team Invite ID Disclosure
CVE ID : CVE-2025-47870
Published : Aug. 21, 2025, 8:15 a.m. | 5 hours, 53 minutes ago
Description : Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.9.x <= 10.9.2 fail to sanitize the team invite ID in the POST /api/v4/teams/:teamId/restore endpoint which allows an team admin with no member invite privileges to get the team’s invite id.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-49222 - Mattermost File Type Validation Bypass
CVE ID : CVE-2025-49222
Published : Aug. 21, 2025, 8:15 a.m. | 5 hours, 53 minutes ago
Description : Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.9.x <= 10.9.2, 10.10.x <= 10.10.0 fail to validate upload types in remote cluster upload sessions which allows a system admin to upload non-attachment file types via shared channels that could potentially be placed in arbitrary filesystem directories.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-49810 - Mattermost Information Disclosure
CVE ID : CVE-2025-49810
Published : Aug. 21, 2025, 8:15 a.m. | 5 hours, 53 minutes ago
Description : Mattermost versions 10.5.x <= 10.5.8 fail to validate access controls at time of access which allows user to read a thread via AI posts
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53971
Published : Aug. 21, 2025, 8:15 a.m. | 5 hours, 53 minutes ago
Description : Mattermost versions 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate authorization for team scheme role modifications which allows Team Admins to demote Team Members to Guests via the PUT /api/v4/teams/team-id/members/user-id/schemeRoles API endpoint.
Severity: 3.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8023
Published : Aug. 21, 2025, 8:15 a.m. | 5 hours, 53 minutes ago
Description : Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17, 10.9.x <= 10.9.2 fails to sanitize path traversal sequences in template file destination paths, which allows a system admin to perform path traversal attacks via malicious path components, potentially enabling malicious file placement outside intended directories.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8895
Published : Aug. 21, 2025, 8:15 a.m. | 5 hours, 53 minutes ago
Description : The WP Webhooks plugin for WordPress is vulnerable to arbitrary file copy due to missing validation of user-supplied input in all versions up to, and including, 3.3.5. This makes it possible for unauthenticated attackers to copy arbitrary files on the affected site's server to arbitrary locations. This can be used to copy the contents of wp-config.php into a text file which can then be accessed in a browser to reveal database credentials.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-36530
Published : Aug. 21, 2025, 7:15 a.m. | 6 hours, 53 minutes ago
Description : Mattermost versions 10.9.x <= 10.9.1, 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate file paths during plugin import operations which allows restricted admin users to install unauthorized custom plugins via path traversal in the import functionality, bypassing plugin signature enforcement and marketplace restrictions.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7221 - GiveWP – Donation Plugin and Fundraising Platform Unauthenticated Payment Status Modification Vulnerability
CVE ID : CVE-2025-7221
Published : Aug. 21, 2025, 6:15 a.m. | 7 hours, 53 minutes ago
Description : The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the give_update_payment_status() function in all versions up to, and including, 4.5.0. This makes it possible for authenticated attackers, with GiveWP Worker-level access and above, to update donations statuses. This ability is not present in the user interface.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7390
Published : Aug. 21, 2025, 6:15 a.m. | 7 hours, 53 minutes ago
Description : A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8592
Published : Aug. 21, 2025, 6:15 a.m. | 7 hours, 53 minutes ago
Description : The Inspiro theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.2. This is due to missing or incorrect nonce validation on the inspiro_install_plugin() function. This makes it possible for unauthenticated attackers to install plugins from the repository via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8607
Published : Aug. 21, 2025, 6:15 a.m. | 7 hours, 53 minutes ago
Description : The SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown block's attributes in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53504
Published : Aug. 21, 2025, 5:15 a.m. | 8 hours, 53 minutes ago
Description : Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed in the user's web browser.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53505
Published : Aug. 21, 2025, 5:15 a.m. | 8 hours, 53 minutes ago
Description : Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a path traversal vulnerability. If this vulnerability is exploited, information on the server hosting the product may be exposed.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57829 - Apache HTTP Server Command Injection
CVE ID : CVE-2025-57829
Published : Aug. 21, 2025, 4:16 a.m. | 9 hours, 52 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57830 - Apache HTTP Server Authentication Bypass
CVE ID : CVE-2025-57830
Published : Aug. 21, 2025, 4:16 a.m. | 9 hours, 52 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57831 - Apache HTTP Server Unknown Method Response
CVE ID : CVE-2025-57831
Published : Aug. 21, 2025, 4:16 a.m. | 9 hours, 52 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57832 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-57832
Published : Aug. 21, 2025, 4:16 a.m. | 9 hours, 52 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57824
Published : Aug. 21, 2025, 4:15 a.m. | 9 hours, 11 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57825 - Cisco WebEx Meeting Center Cross-Site Request Forgery
CVE ID : CVE-2025-57825
Published : Aug. 21, 2025, 4:15 a.m. | 9 hours, 11 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57826 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-57826
Published : Aug. 21, 2025, 4:15 a.m. | 9 hours, 11 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57827 - Apache HTTP Server Authentication Bypass
CVE ID : CVE-2025-57827
Published : Aug. 21, 2025, 4:15 a.m. | 9 hours, 11 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57828 - Apache HTTP Server Unsecured Configuration
CVE ID : CVE-2025-57828
Published : Aug. 21, 2025, 4:15 a.m. | 9 hours, 11 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-48355 - ProveSource Social Proof Information Exposure Vulnerability
CVE ID : CVE-2025-48355
Published : Aug. 21, 2025, 4:15 a.m. | 7 hours, 11 minutes ago
Description : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in ProveSource LTD ProveSource Social Proof allows Retrieve Embedded Sensitive Data.This issue affects ProveSource Social Proof: from n/a through 3.0.5.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48978
Published : Aug. 21, 2025, 1:15 a.m. | 8 hours, 11 minutes ago
Description : An Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.11.0 and earlier) could allow a Command Injection by a malicious actor with access to EdgeSwitch adjacent network.
Affected Products:
EdgeMAX EdgeSwitch (Version 1.11.0 and earlier)
Mitigation:
Update the EdgeMAX EdgeSwitch to Version 1.11.1 or later.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24285 - "UniFi Connect EV Station Lite Command Injection Vulnerability"
CVE ID : CVE-2025-24285
Published : Aug. 21, 2025, 1:15 a.m. | 5 hours, 36 minutes ago
Description : Multiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a Command Injection by a malicious actor with network access to the UniFi Connect EV Station Lite.
Affected Products:
UniFi Connect EV Station Lite (Version 1.5.1 and earlier)
Mitigation:
Update UniFi Connect EV Station Lite to Version 1.5.2 or later
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27213 - Ubiquiti UniFi Connect Improper Access Control Vulnerability
CVE ID : CVE-2025-27213
Published : Aug. 21, 2025, 1:15 a.m. | 5 hours, 35 minutes ago
Description : An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect devices to enable Android Debug Bridge (ADB) and make unsupported changes to the system.
Affected Products:
UniFi Connect EV Station Pro (Version 1.5.18 and earlier)
UniFi Connect Display (Version 1.9.324 and earlier)
UniFi Connect Display Cast (Version 1.9.301 and earlier)
UniFi Connect Display Cast Pro (Version 1.0.78 and earlier)
UniFi Connect Display Cast Lite (Version 1.0.3 and earlier)
Mitigation:
Update UniFi Connect EV Station Pro to Version 1.5.27 or later
Update UniFi Connect Display to Version 1.13.6 or later
Update UniFi Connect Display Cast to Version 1.10.3 or later
Update UniFi Connect Display Cast Pro to Version 1.0.83 or later
Update UniFi Connect Display Cast Lite to Version 1.1.3 or later
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27214 - "UniFi Connect EV Station Pro Authentication Bypass"
CVE ID : CVE-2025-27214
Published : Aug. 21, 2025, 1:15 a.m. | 5 hours, 35 minutes ago
Description : A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset.
Affected Products:
UniFi Connect EV Station Pro (Version 1.5.18 and earlier)
Mitigation:
Update UniFi Connect EV Station Pro to Version 1.5.27 or later
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27215
Published : Aug. 21, 2025, 1:15 a.m. | 5 hours, 35 minutes ago
Description : An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect Display Cast devices to make unsupported changes to the system.
Affected Products:
UniFi Connect Display Cast (Version 1.10.3 and earlier)
UniFi Connect Display Cast Pro (Version 1.0.89 and earlier)
UniFi Connect Display Cast Lite (Version 1.0.3 and earlier)
Mitigation:
Update UniFi Connect Display Cast to Version 1.10.7 or later
Update UniFi Connect Display Cast Pro to Version 1.0.94 or later
Update UniFi Connect Display Cast Lite to Version 1.1.8 or later
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27216
Published : Aug. 21, 2025, 1:15 a.m. | 5 hours, 35 minutes ago
Description : Multiple Incorrect Permission Assignment for Critical Resource in UISP Application may allow a malicious actor with certain permissions to escalate privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27217
Published : Aug. 21, 2025, 1:15 a.m. | 5 hours, 35 minutes ago
Description : A Server-Side Request Forgery (SSRF) in the UISP Application may allow a malicious actor with certain permissions to make requests outside of UISP Application scope.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43300 - Apple macOS and iPadOS Out-of-Bounds Write Vulnerability
CVE ID : CVE-2025-43300
Published : Aug. 21, 2025, 1:15 a.m. | 5 hours, 35 minutes ago
Description : An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 18.6.2. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9264
Published : Aug. 21, 2025, 12:15 a.m. | 6 hours, 36 minutes ago
Description : A vulnerability was found in Xuxueli xxl-job up to 3.1.1. Affected by this issue is the function remove of the file /src/main/java/com/xxl/job/admin/controller/JobInfoController.java of the component Jobs Handler. Performing manipulation of the argument ID results in improper control of resource identifiers. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9253
Published : Aug. 20, 2025, 11:15 p.m. | 6 hours, 44 minutes ago
Description : A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RP_doSpecifySiteSurvey of the file /goform/RP_doSpecifySiteSurvey. The manipulation of the argument ssidhex leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9262
Published : Aug. 20, 2025, 11:15 p.m. | 6 hours, 44 minutes ago
Description : A flaw has been found in wong2 mcp-cli 1.13.0. Affected is the function redirectToAuthorization of the file /src/oauth/provider.js of the component oAuth Handler. This manipulation causes os command injection. The attack may be initiated remotely. The attack is considered to have high complexity. The exploitability is told to be difficult. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9263
Published : Aug. 20, 2025, 11:15 p.m. | 6 hours, 44 minutes ago
Description : A vulnerability has been found in Xuxueli xxl-job up to 3.1.1. Affected by this vulnerability is the function getJobsByGroup of the file /src/main/java/com/xxl/job/admin/controller/JobLogController.java. Such manipulation of the argument jobGroup leads to improper control of resource identifiers. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9288
Published : Aug. 20, 2025, 10:15 p.m. | 7 hours, 44 minutes ago
Description : Improper Input Validation vulnerability in sha.js allows Input Data Manipulation.This issue affects sha.js: through 2.4.11.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9252 - Linksys RE6000 Series Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-9252
Published : Aug. 20, 2025, 10:15 p.m. | 6 hours, 35 minutes ago
Description : A weakness has been identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this vulnerability is the function DisablePasswordAlertRedirect of the file /goform/DisablePasswordAlertRedirect. Executing manipulation of the argument hint can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9287 - Cipher-Base Cryptographic Input Data Manipulation Vulnerability
CVE ID : CVE-2025-9287
Published : Aug. 20, 2025, 10:15 p.m. | 6 hours, 35 minutes ago
Description : Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57749
Published : Aug. 20, 2025, 10:15 p.m. | 5 hours, 44 minutes ago
Description : n8n is a workflow automation platform. Before 1.106.0, a symlink traversal vulnerability was discovered in the Read/Write File node in n8n. While the node attempts to restrict access to sensitive directories and files, it does not properly account for symbolic links (symlinks). An attacker with the ability to create symlinks—such as by using the Execute Command node—could exploit this to bypass the intended directory restrictions and read from or write to otherwise inaccessible paths. Users of n8n.cloud are not impacted. Affected users should update to version 1.106.0 or later.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9250 - Linksys RE Series Stack-Based Buffer Overflow
CVE ID : CVE-2025-9250
Published : Aug. 20, 2025, 10:15 p.m. | 5 hours, 44 minutes ago
Description : A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This impacts the function setPWDbyBBS of the file /goform/setPWDbyBBS. Such manipulation of the argument hint leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9251
Published : Aug. 20, 2025, 10:15 p.m. | 5 hours, 44 minutes ago
Description : A security flaw has been discovered in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function sta_wps_pin of the file /goform/sta_wps_pin. Performing manipulation of the argument Ssid results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-57155
Published : Aug. 20, 2025, 9:15 p.m. | 6 hours, 44 minutes ago
Description : Incorrect access control in radar v1.0.8 allows attackers to bypass authentication and access sensitive APIs without a token.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9247
Published : Aug. 20, 2025, 9:15 p.m. | 6 hours, 44 minutes ago
Description : A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The affected element is the function setVlan of the file /goform/setVlan. The manipulation of the argument vlan_set leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9248 - Linksys RE Series Remote Stack-Based Buffer Overflow
CVE ID : CVE-2025-9248
Published : Aug. 20, 2025, 9:15 p.m. | 6 hours, 44 minutes ago
Description : A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The impacted element is the function RP_pingGatewayByBBS of the file /goform/RP_pingGatewayByBBS. The manipulation of the argument ssidhex results in stack-based buffer overflow. The attack may be performed from a remote location. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9249 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-9249
Published : Aug. 20, 2025, 9:15 p.m. | 6 hours, 44 minutes ago
Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function DHCPReserveAddGroup of the file /goform/DHCPReserveAddGroup. This manipulation of the argument enable_group/name_group/ip_group/mac_group causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9244
Published : Aug. 20, 2025, 8:15 p.m. | 7 hours, 44 minutes ago
Description : A security vulnerability has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function addStaticRoute of the file /goform/addStaticRoute. Such manipulation of the argument staticRoute_IP_setting/staticRoute_Netmask_setting/staticRoute_Gateway_setting/staticRoute_Metric_setting/staticRoute_destType_setting leads to os command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9245
Published : Aug. 20, 2025, 8:15 p.m. | 7 hours, 44 minutes ago
Description : A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function WPSSTAPINEnr of the file /goform/WPSSTAPINEnr. Performing manipulation of the argument ssid results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9246 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-9246
Published : Aug. 20, 2025, 8:15 p.m. | 7 hours, 44 minutes ago
Description : A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Impacted is the function check_port_conflict of the file /goform/check_port_conflict. Executing manipulation of the argument single_port_rule/port_range_rule can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-57154
Published : Aug. 20, 2025, 8:15 p.m. | 5 hours, 8 minutes ago
Description : Incorrect access control in dts-shop v0.0.1-SNAPSHOT allows attackers to bypass authentication via sending a crafted payload to /admin/auth/index.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43757
Published : Aug. 20, 2025, 8:15 p.m. | 5 hours, 8 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.2, 2025.Q1.0 through 2025.Q1.14, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.18 and 7.4 GA through update 92 allows a remote authenticated attacker to inject JavaScript code via _com_liferay_dynamic_data_mapping_web_portlet_DDMPortlet_definition parameter.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50902
Published : Aug. 20, 2025, 8:15 p.m. | 5 hours, 8 minutes ago
Description : Cross Site Request Forgery (CSRF) vulnerability in old-peanut Open-Shop (aka old-peanut/wechat_applet__open_source) thru 1.0.0 allows attackers to gain sensitive information via crafted HTTP Post message.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54988
Published : Aug. 20, 2025, 8:15 p.m. | 5 hours, 8 minutes ago
Description : Critical XXE in Apache Tika (tika-parser-pdf-module) in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to internal resources or third-party servers. Note that the tika-parser-pdf-module is used as a dependency in several Tika packages including at least: tika-parsers-standard-modules, tika-parsers-standard-package, tika-app, tika-grpc and tika-server-standard.
Users are recommended to upgrade to version 3.2.2, which fixes this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5115 - Jetty HTTP/2 Client Resource Exhaustion Denial of Service
CVE ID : CVE-2025-5115
Published : Aug. 20, 2025, 8:15 p.m. | 5 hours, 8 minutes ago
Description : In Eclipse Jetty, versions <=9.4.57, <=10.0.25, <=11.0.25, <=12.0.21, <=12.1.0.alpha2, an HTTP/2 client may trigger the server to send RST_STREAM frames, for example by sending frames that are malformed or that should not be sent in a particular stream state, therefore forcing the server to consume resources such as CPU and memory.
For example, a client can open a stream and then send WINDOW_UPDATE frames with window size increment of 0, which is illegal.
Per specification https://www.rfc-editor.org/rfc/rfc9113.html#name-window_update , the server should send a RST_STREAM frame.
The client can now open another stream and send another bad WINDOW_UPDATE, therefore causing the server to consume more resources than necessary, as this case does not exceed the max number of concurrent streams, yet the client is able to create an enormous amount of streams in a short period of time.
The attack can be performed with other conditions (for example, a DATA frame for a closed stream) that cause the server to send a RST_STREAM frame.
Links:
* https://github.com/jetty/jetty.project/security/advisories/GHSA-mmxm-8w33-wc4h
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9241
Published : Aug. 20, 2025, 8:15 p.m. | 5 hours, 8 minutes ago
Description : A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43746
Published : Aug. 20, 2025, 7:15 p.m. | 6 hours, 8 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.2, 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.18 and 7.4 GA through update 92 allows a remote authenticated attacker to inject JavaScript code via _com_liferay_dynamic_data_mapping_web_portlet_DDMPortlet_portletNamespace and _com_liferay_dynamic_data_mapping_web_portlet_DDMPortlet_namespace parameter.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9240 - Elunez Eladmin Information Disclosure Vulnerability
CVE ID : CVE-2025-9240
Published : Aug. 20, 2025, 7:15 p.m. | 6 hours, 8 minutes ago
Description : A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file /auth/info. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been released to the public and may be exploited.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-57152 - My-Site Unauthenticated Access Control Vulnerability
CVE ID : CVE-2024-57152
Published : Aug. 20, 2025, 7:15 p.m. | 3 hours, 34 minutes ago
Description : Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access sensitive components without authentication via the cn.luischen.interceptor.BaseInterceptor class
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9237 - CodeAstro Ecommerce Website Cross Site Scripting
CVE ID : CVE-2025-9237
Published : Aug. 20, 2025, 6:15 p.m. | 4 hours, 34 minutes ago
Description : A vulnerability was found in CodeAstro Ecommerce Website 1.0. This impacts an unknown function of the file /customer/my_account.php?edit_account of the component Edit Your Account Page. Performing manipulation of the argument Username results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9238
Published : Aug. 20, 2025, 6:15 p.m. | 4 hours, 34 minutes ago
Description : A vulnerability was determined in Swatadru Exam-Seating-Arrangement up to 97335ccebf95468d92525f4255a2241d2b0b002f. Affected is an unknown function of the file /student.php of the component Student Login. Executing manipulation of the argument email can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9239
Published : Aug. 20, 2025, 6:15 p.m. | 4 hours, 34 minutes ago
Description : A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STR_PARAM with the input Passw0rd leads to inadequate encryption strength. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitation appears to be difficult.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-53495 - Apache Struts Unauthenticated Access Control Bypass
CVE ID : CVE-2024-53495
Published : Aug. 20, 2025, 6:15 p.m. | 3 hours, 35 minutes ago
Description : Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to access sensitive components without authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47054
Published : Aug. 20, 2025, 6:15 p.m. | 3 hours, 35 minutes ago
Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. A low privileged attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in that a victim must visit a specially crafted web page.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55746 - Directus Unauthenticated File Upload and Modification Vulnerability
CVE ID : CVE-2025-55746
Published : Aug. 20, 2025, 6:15 p.m. | 3 hours, 35 minutes ago
Description : Directus is a real-time API and App dashboard for managing SQL database content. From 10.8.0 to before 11.9.3, a vulnerability exists in the file update mechanism which allows an unauthenticated actor to modify existing files with arbitrary contents (without changes being applied to the files' database-resident metadata) and / or upload new files, with arbitrary content and extensions, which won't show up in the Directus UI. This vulnerability is fixed in 11.9.3.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9236
Published : Aug. 20, 2025, 6:15 p.m. | 3 hours, 35 minutes ago
Description : A vulnerability has been found in Portabilis i-Diario up to 2.10. This affects an unknown function of the file /intranet/educar_tipo_usuario_lst.php of the component Tipos de usàrio Page. Such manipulation of the argument nm_tipo leads to sql injection. The attack may be performed from a remote location. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9234
Published : Aug. 20, 2025, 5:15 p.m. | 4 hours, 35 minutes ago
Description : A vulnerability was detected in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file maintenance_events.shtm. The manipulation of the argument Alias results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9235
Published : Aug. 20, 2025, 5:15 p.m. | 4 hours, 35 minutes ago
Description : A flaw has been found in Scada-LTS up to 2.7.8.1. The impacted element is an unknown function of the file compound_events.shtm. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8415
Published : Aug. 20, 2025, 5:15 p.m. | 3 hours, 34 minutes ago
Description : A vulnerability was found in the Cryostat HTTP API. Cryostat's HTTP API binds to all network interfaces, allowing possible external visibility and access to the API port if Network Policies are disabled, allowing an unauthenticated, malicious attacker to jeopardize the environment.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8610
Published : Aug. 20, 2025, 5:15 p.m. | 3 hours, 34 minutes ago
Description : AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AOMEI Cyber Backup. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the StorageNode service, which listens on TCP port 9075 by default. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-26156.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8611
Published : Aug. 20, 2025, 5:15 p.m. | 3 hours, 34 minutes ago
Description : AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AOMEI Cyber Backup. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the DaoService service, which listens on TCP port 9074 by default. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-26158.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8612 - AOMEI Backupper Workstation Local Privilege Escalation (LPE)
CVE ID : CVE-2025-8612
Published : Aug. 20, 2025, 5:15 p.m. | 3 hours, 34 minutes ago
Description : AOMEI Backupper Workstation Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AOMEI Backupper Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. User interaction on the part of an administrator is needed additionally.
The specific flaw exists within the restore functionality. By creating a junction, an attacker can abuse the service to create arbitrary files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-27059.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46998
Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago
Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50901
Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago
Description : JeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 (2025-05-19) contains incorrect authentication bypass vulnerability, which can lead to arbitrary file reading.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50904
Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago
Description : There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 (2025-06-11). An attacker can exploit this vulnerability to access /admin/ API without any token.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55444 - Online Artwork Fine Arts MCA Project SQL Injection Vulnerability
CVE ID : CVE-2025-55444
Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago
Description : A SQL injection vulnerability exists in the id2 parameter of the cancel_booking.php page in Online Artwork and Fine Arts MCA Project 1.0. A remote attacker can inject arbitrary SQL queries, leading to database enumeration and potential remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6180
Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago
Description : The StrongDM Client insufficiently protected a pre-authentication token. Attackers could exploit this to intercept and reuse the token, potentially redeeming valid authentication credentials through a race condition.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6181 - StrongDM Windows Privilege Escalation Remote Code Execution
CVE ID : CVE-2025-6181
Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago
Description : The StrongDM Windows service incorrectly handled input validation. Authenticated attackers could potentially exploit this leading to privilege escalation.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6182 - StrongDM Windows Certificate Management Privilege Escalation Vulnerability
CVE ID : CVE-2025-6182
Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago
Description : The StrongDM Windows service incorrectly handled communication related to system certificate management. Attackers could exploit this behavior to install untrusted root certificates or remove trusted ones.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6183
Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago
Description : The StrongDM macOS client incorrectly processed JSON-formatted messages. Attackers could potentially modify macOS system configuration by crafting a malicious JSON message.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8309 - ManageEngine Asset Explorer Privilege Escalation Vulnerability
CVE ID : CVE-2025-8309
Published : Aug. 20, 2025, 5:15 p.m. | 2 hours, 25 minutes ago
Description : There is an improper privilege management vulnerability identified in ManageEngine's Asset Explorer, ServiceDesk Plus, ServiceDesk Plus MSP, and SupportCenter Plus products by Zohocorp.
This vulnerability impacts Asset Explorer versions before 7710, ServiceDesk Plus versions before 15110, ServiceDesk Plus MSP versions before 14940, and SupportCenter Plus versions before 14940.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46932
Published : Aug. 20, 2025, 5:15 p.m. | 1 hour, 35 minutes ago
Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46936
Published : Aug. 20, 2025, 5:15 p.m. | 1 hour, 35 minutes ago
Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46962
Published : Aug. 20, 2025, 5:15 p.m. | 1 hour, 35 minutes ago
Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20131
Published : Aug. 20, 2025, 5:15 p.m. | 52 minutes ago
Description : A vulnerability in the GUI of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device.
This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload via the ISE GUI. A successful exploit could allow the attacker to upload arbitrary files to an affected system.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20269 - Cisco EPNM and Prime Infrastructure HTTP Request Validation Bypass Vulnerability
CVE ID : CVE-2025-20269
Published : Aug. 20, 2025, 5:15 p.m. | 52 minutes ago
Description : A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to retrieve arbitrary files from the underlying file system on an affected device.
This vulnerability is due to insufficient input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface on an affected device. A successful exploit could allow the attacker to access sensitive files from the affected device.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20345 - Cisco Duo Authentication Proxy Sensitive Information Disclosure Vulnerability
CVE ID : CVE-2025-20345
Published : Aug. 20, 2025, 5:15 p.m. | 52 minutes ago
Description : A vulnerability in the debug logging function of Cisco Duo Authentication Proxy could allow an authenticated, high-privileged, remote attacker to view sensitive information in a system log file.
This vulnerability is due to insufficient masking of sensitive information before it is written to system log files. An attacker could exploit this vulnerability by accessing logs on an affected system. A successful exploit could allow the attacker to view sensitive information that should be restricted.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-28041 - itranswarp Unauthenticated Access Control Vulnerability
CVE ID : CVE-2025-28041
Published : Aug. 20, 2025, 5:15 p.m. | 52 minutes ago
Description : Incorrect access control in the doFilter function of itranswarp up to 2.19 allows attackers to access sensitive components without authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46849
Published : Aug. 20, 2025, 5:15 p.m. | 52 minutes ago
Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46852
Published : Aug. 20, 2025, 5:15 p.m. | 52 minutes ago
Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46856
Published : Aug. 20, 2025, 5:15 p.m. | 52 minutes ago
Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. A low privileged attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in that a victim must visit a specially crafted web page.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2009-10005 - ContentKeeper Web Appliance File Inclusion Vulnerability
CVE ID : CVE-2009-10005
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : ContentKeeper Web Appliance (now maintained by Impero Software) versions prior to 125.10 expose the mimencode binary via a CGI endpoint, allowing unauthenticated attackers to retrieve arbitrary files from the filesystem. By crafting a POST request to /cgi-bin/ck/mimencode with traversal and output parameters, attackers can read sensitive files such as /etc/passwd outside the webroot.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2010-10014
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : Odin Secure FTP <= 4.1 is vulnerable to a stack-based buffer overflow when parsing directory listings received in response to an FTP LIST command. A malicious FTP server can send an overly long filename in the directory listing, which overflows a fixed-size stack buffer in the client and overwrites the Structured Exception Handler (SEH). This allows remote attackers to execute arbitrary code on the client system.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2010-20042 - Xion Audio Player SEH Overwrite Vulnerability
CVE ID : CVE-2010-20042
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : Xion Audio Player versions prior to 1.0.126 are vulnerable to a Unicode-based stack buffer overflow triggered by opening a specially crafted .m3u playlist file. The file contains an overly long string that overwrites the Structured Exception Handler (SEH) chain, allowing an attacker to hijack execution flow and run arbitrary code.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2010-20045 - FileWrangler FTP Server Buffer Overflow
CVE ID : CVE-2010-20045
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : FileWrangler <= 5.30 suffers from a stack-based buffer overflow vulnerability when parsing directory listings from an FTP server. A malicious server can send an overlong folder name in response to a LIST command, triggering memory corruption during client-side rendering. Exploitation requires passive user interaction—simply connecting to the server—without further input. Successful exploitation may lead to arbitrary code execution.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2010-20049
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : LeapFTP < 3.1.x contains a stack-based buffer overflow vulnerability in its FTP client parser. When the client receives a directory listing containing a filename longer than 528 bytes, the application fails to properly bound-check the input and overwrites the Structured Exception Handler (SEH) chain. This allows an attacker operating a malicious FTP server to execute arbitrary code on the victim’s machine when the file is listed or downloaded.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2010-20059
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in its web interface. The exec_raw.php script exposes a cmd parameter that is passed directly to the underlying shell without sanitation.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2010-20103
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : A malicious backdoor was embedded in the official ProFTPD 1.3.3c source tarball distributed between November 28 and December 2, 2010. The backdoor implements a hidden FTP command trigger that, when invoked, causes the server to execute arbitrary shell commands with root privileges. This allows remote, unauthenticated attackers to run any OS command on the FTP server host.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2011-10020 - Kaillera Server UDP Packet Handling Denial-of-Service Vulnerability
CVE ID : CVE-2011-10020
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending a malformed UDP packet after the initial handshake. Once a client sends a valid HELLO0.83 packet and receives a response, any subsequent malformed packet causes the server to crash and become unresponsive. This flaw stems from improper input validation in the server’s UDP packet handler, allowing unauthenticated remote attackers to disrupt service availability.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2011-10021 - Magix Musik Maker Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2011-10021
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : Magix Musik Maker 16 is vulnerable to a stack-based buffer overflow due to improper handling of .mmm arrangement files. The vulnerability arises from an unsafe strcpy() operation that fails to validate input length, allowing attackers to overwrite the Structured Exception Handler (SEH). By crafting a malicious .mmm file, an attacker can trigger the overflow when the file is opened, potentially leading to arbitrary code execution. This vulnerability was remediated in version 17.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2011-10022
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : SPlayer version 3.7 and earlier is vulnerable to a stack-based buffer overflow when processing HTTP responses containing an overly long Content-Type header. The vulnerability occurs due to improper bounds checking on the header value, allowing an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code. Exploitation requires the victim to open a media file that triggers an HTTP request to a malicious server, which responds with a crafted Content-Type header.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2011-10023
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : MJM QuickPlayer (likely now referred to as MJM Player) version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitrary code. Exploitation is achieved via a crafted payload that bypasses DEP and ASLR protections using ROP techniques, and requires user interaction to open the file.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2011-10024 - MJM Core Player Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2011-10024
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : MJM Core Player (likely now referred to as MJM Player) 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute arbitrary code. Exploitation is triggered when a user opens a malicious .s3m file, and the exploit bypasses DEP and ASLR protections using a ROP chain.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2011-10025
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2011-10026
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Ruby’s send method. This flaw enables unauthenticated attackers to execute commands on the server.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2011-10027
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : AOL Desktop 9.6 contains a buffer overflow vulnerability in its Tool\rich.rct component when parsing .rtx files. By embedding an overly long string in a hyperlink tag, an attacker can trigger a stack-based buffer overflow due to the use of unsafe strcpy operations. This allows remote attackers to execute arbitrary code when a victim opens a malicious .rtx file. AOL Desktop is end-of-life and no longer supported. Users are encouraged to migrate to AOL Desktop Gold or alternative platforms.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2011-10028
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : The RealNetworks RealArcade platform includes an ActiveX control (InstallerDlg.dll, version 2.6.0.445) that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation or restrictions. This platform was sometimes referred to or otherwise known as RealArcade or Arcade Games and has since consolidated with RealNetworks' platform, GameHouse.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2011-10029 - Solar FTP Server Format String Denial of Service
CVE ID : CVE-2011-10029
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : Solar FTP Server fails to properly handle format strings passed to the USER command. When a specially crafted string containing format specifiers is sent, the server crashes due to a read access violation in the __output_1() function of sfsservice.exe. This results in a denial of service (DoS) condition.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2011-10030 - Foxit PDF Reader File Write Vulnerability
CVE ID : CVE-2011-10030
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : Foxit PDF Reader < 4.3.1.0218 exposes a JavaScript API function, createDataObject(), that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged folders, leading to code execution the next time the system boots or the user logs in.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10061 - Sockso Music Host Server Path Traversal Vulnerability
CVE ID : CVE-2012-10061
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : Sockso Music Host Server versions <= 1.5 are vulnerable to a path traversal flaw that allows unauthenticated remote attackers to read arbitrary files from the server’s filesystem. The vulnerability exists in the HTTP interface on port 4444, where the endpoint /file/ fails to properly sanitize user-supplied input. Attackers can traverse directories and access sensitive files outside the intended web root.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-57157
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : Incorrect access control in Jantent v1.1 allows attackers to bypass authentication and access sensitive APIs without a token.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55731
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : Frappe is a full-stack web application framework. A carefully crafted request could extract data that the user would normally not have access to, via SQL injection. This vulnerability is fixed in 15.74.2 and 14.96.15.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55732
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : Frappe is a full-stack web application framework. Prior to 15.74.2 and 14.96.15, an attacker could implement SQL injection through specially crafted requests, allowing malicious people to access sensitive information. This vulnerability is a bypass of the official patch released for CVE-2025-52895. This vulnerability is fixed in 15.74.2 and 14.96.15.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55751
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : OnboardLite is the result of the Influx Initiative, our vision for an improved student organization lifecycle at the University of Central Florida. An attacker can craft a link to the trusted application that, when visited, redirects the user to a malicious external site. This enables phishing, credential theft, malware delivery, and trust abuse. Any version with commit hash 6cca19e or later implements jwt signing for the redirect url parameter.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9233
Published : Aug. 20, 2025, 4:15 p.m. | 1 hour ago
Description : A security vulnerability has been detected in Scada-LTS up to 2.7.8.1. Impacted is an unknown function of the file view_edit.shtm. The manipulation of the argument Name leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55498
Published : Aug. 20, 2025, 3:15 p.m. | 2 hours ago
Description : Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-57491
Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago
Description : Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-1139 - IBM Edge Application Manager Privilege Escalation Vulnerability
CVE ID : CVE-2025-1139
Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago
Description : IBM Edge Application Manager 4.5 could allow a local user to read or modify resources that they should not have authorization to access due to incorrect permission assignment.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-1142 - IBM Edge Application Manager SSRF Vulnerability
CVE ID : CVE-2025-1142
Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago
Description : IBM Edge Application Manager 4.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36114 - IBM QRadar SOAR Plugin App Directory Traversal Vulnerability
CVE ID : CVE-2025-36114
Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago
Description : IBM QRadar SOAR Plugin App 1.0.0 through 5.6.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43748
Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago
Description : Insufficient CSRF protection for omni-administrator users in Liferay Portal 7.0.0 through 7.4.3.119, and Liferay DXP 2024.Q1.1 through 2024.Q1.6, 2023.Q4.0 through 2023.Q4.9, 2023.Q3.1 through 2023.Q3.9, 7.4 GA through update 92, 7.3 GA through update 36, and older unsupported versions allows attackers to execute Cross-Site Request Forgery
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50864
Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago
Description : An Origin Validation Error in the elysia-cors library thru 1.3.0 allows attackers to bypass Cross-Origin Resource Sharing (CORS) restrictions. The library incorrectly validates the supplied origin by checking if it is a substring of any domain in the site's CORS policy, rather than performing an exact match. For example, a malicious origin like "notexample.com", "example.common.net" is whitelisted when the site's CORS policy specifies "example.com." This vulnerability enables unauthorized access to user data on sites using the elysia-cors library for CORS validation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51990
Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago
Description : XWiki through version 17.3.0 is affected by multiple stored Cross-Site Scripting (XSS) vulnerabilities in the Administration interface, specifically under the Presentation section of the Global Preferences panel. An authenticated administrator can inject arbitrary JavaScript payloads into the HTTP Meta Info, Footer Copyright, and Footer Version fields. These inputs are stored and subsequently rendered without proper output encoding or sanitization on public-facing pages. As a result, the injected scripts are persistently executed in the browser context of any visitor to the affected instances including both authenticated and unauthenticated users. No user interaction is required beyond visiting a page that includes the malicious content. Successful exploitation can lead to session hijacking, credential theft, unauthorized actions via session riding, or further compromise of the application through client-side attacks. The vulnerability introduces significant risk in any deployment, especially in shared or internet-facing environments where administrator credentials may be compromised.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51991
Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago
Description : XWiki through version 17.3.0 is vulnerable to Server-Side Template Injection (SSTI) in the Administration interface, specifically within the HTTP Meta Info field of the Global Preferences Presentation section. An authenticated administrator can inject crafted Apache Velocity template code, which is rendered on the server side without proper validation or sandboxing. This enables the execution of arbitrary template logic, which may expose internal server information or, in specific configurations, lead to further exploitation such as remote code execution or sensitive data leakage. The vulnerability resides in improper handling of dynamic template rendering within user-supplied configuration fields.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55482
Published : Aug. 20, 2025, 3:15 p.m. | 53 minutes ago
Description : Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the formSetCfm function.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30256 - Tenda AC6 HTTP Header Parsing Denial of Service
CVE ID : CVE-2025-30256
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31355
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : A firmware update vulnerability exists in the Firmware Signature Validation functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted malicious file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-32010 - Tenda AC6 Cloud API Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-32010
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50503 - Touch Lebanon Mobile App Password Reset Bypass Vulnerability
CVE ID : CVE-2025-50503
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : A vulnerability in the password reset workflow of the Touch Lebanon Mobile App 2.20.2 allows an attacker to bypass the OTP reset password mechanism. By manipulating the reset process, an unauthorized user may be able to reset the password and gain access to the account without needing to provide a legitimate authentication factor, such as an OTP. This compromises account security and allows for potential unauthorized access to user data.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54923 - Apache Service Remote Code Execution Vulnerability
CVE ID : CVE-2025-54923
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code execution and compromise of system integrity when authenticated users send crafted data to a network-exposed service that performs unsafe deserialization.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54924
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthorized access to sensitive data when an attacker sends a specially crafted document to a vulnerable endpoint.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54925
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthorized access to sensitive data when an attacker configures the application to access a malicious url.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54926 - Apache HTTP Server Remote Code Execution Path Traversal
CVE ID : CVE-2025-54926
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause remote code execution when an authenticated attacker with admin privileges uploads a malicious file over HTTP which then gets executed.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54927 - Apache HTTP Server Path Traversal Vulnerability
CVE ID : CVE-2025-54927
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized access to sensitive files when an authenticated attackers uses a crafted path input that is processed by the system.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55483
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : Tenda AC6 V15.03.06.23_multi is vulnerable to Buffer Overflow in the function formSetMacFilterCfg via the parameters macFilterType and deviceList.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55499
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the ntpServer parameter in the fromSetSysTime function.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55503
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : Tenda AC6 V15.03.06.23_multi has a stack overflow vulnerability via the deviceName parameter in the saveParentControlInfo function.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8448
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause unauthorized access to sensitive credential data when an attacker is able to capture local SMB traffic between a valid user within the BMS network and the vulnerable products.
Severity: 2.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8449
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service when an authenticated user sends a specially crafted request to a specific endpoint from within the BMS network.
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9074 - "Docker Desktop Unauthenticated Engine API Access Vulnerability"
CVE ID : CVE-2025-9074
Published : Aug. 20, 2025, 2:15 p.m. | 1 hour, 53 minutes ago
Description : A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled, and with or without the "Expose daemon on tcp://localhost:2375 without TLS" option enabled.
This can lead to execution of a wide range of privileged commands to the engine API, including controlling other containers, creating new ones, managing images etc. In some circumstances (e.g. Docker Desktop for Windows with WSL backend) it also allows mounting the host drive with the same privileges as the user running Docker Desktop.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24322
Published : Aug. 20, 2025, 2:15 p.m. | 27 minutes ago
Description : An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24496
Published : Aug. 20, 2025, 2:15 p.m. | 27 minutes ago
Description : An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27129
Published : Aug. 20, 2025, 2:15 p.m. | 27 minutes ago
Description : An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets to trigger this vulnerability.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43749
Published : 20 août 2025 13:15 | 52 minutes ago
Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows unauthenticated users (guests) to access via URL files uploaded in the form and stored in document_library
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43750
Published : 20 août 2025 13:15 | 52 minutes ago
Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.19 and 7.4 GA through update 92 allows remote unauthenticated users (guests) to upload files via the form attachment field without proper validation, enabling extension obfuscation and bypassing MIME type checks.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4437
Published : 20 août 2025 13:15 | 52 minutes ago
Description : There's a vulnerability in the CRI-O application where when container is launched with securityContext.runAsUser specifying a non-existent user, CRI-O attempts to create the user, reading the container's entire /etc/passwd file into memory. If this file is excessively large, it can cause the a high memory consumption leading applications to be killed due to out-of-memory. As a result a denial-of-service can be achieved, possibly disrupting other pods and services running in the same host.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4877
Published : 20 août 2025 13:15 | 52 minutes ago
Description : There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to ssh_get_fingerprint_hash() function. In such cases the bin_to_base64() function can experience an integer overflow leading to a memory under allocation, when that happens it's possible that the program perform out of bounds write leading to a heap corruption.
This issue affects only 32-bits builds of libssh.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54172 - QuickCMS Stored XSS Vulnerability in sTitle Parameter
CVE ID : CVE-2025-54172
Published : 20 août 2025 13:15 | 52 minutes ago
Description : QuickCMS is vulnerable to Stored XSS in sTitle parameter in page editor functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. Regular admin user is not able to inject any JS scripts into the page.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54174 - QuickCMS Cross-Site Request Forgery (CSRF) in Article Creation
CVE ID : CVE-2025-54174
Published : 20 août 2025 13:15 | 52 minutes ago
Description : QuickCMS is vulnerable to Cross-Site Request Forgery in article creation functionality. Malicious attacker can craft special website, which when visited by the admin, will automatically send a POST request creating a malicious article with content defined by the attacker.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54175 - QuickCMS Reflected XSS in Thumbnail Viewer sFileName Parameter
CVE ID : CVE-2025-54175
Published : 20 août 2025 13:15 | 52 minutes ago
Description : QuickCMS.EXT is vulnerable to Reflected XSS in sFileName parameter in thumbnail viewer functionality. An attacker can craft a malicious URL that results in arbitrary JavaScript execution in the victim's browser when opened.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.8 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8453
Published : 20 août 2025 13:15 | 52 minutes ago
Description : CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation and
arbitrary code execution when a privileged engineer user with console access modifies a configuration file
used by a root-level daemon to execute custom scripts.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43741
Published : 20 août 2025 12:15 | 1 heure, 52 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.3, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows an remote authenticated attacker to inject JavaScrip in the _com_liferay_users_admin_web_portlet_UsersAdminPortlet_assetTagNames parameter
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43742
Published : 20 août 2025 12:15 | 1 heure, 52 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.3, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript in web content for friendly urls.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7777
Published : 20 août 2025 12:15 | 1 heure, 52 minutes ago
Description : The mirror-registry doesn't properly sanitize the host header HTTP header in HTTP request received, allowing an attacker to perform malicious redirects to attacker-controlled domains or phishing campaigns.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8102 - Easy Digital Downloads WordPress CSRF
CVE ID : CVE-2025-8102
Published : 20 août 2025 12:15 | 1 heure, 52 minutes ago
Description : The Easy Digital Downloads plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.5.0. This is due to missing nonce validations in the edd_sendwp_disconnect() and edd_sendwp_remote_install() functions. This makes it possible for unauthenticated attackers to deactivate or download and activate the SendWP plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9173 - Emlog Pro Unrestricted File Upload Vulnerability
CVE ID : CVE-2025-9173
Published : 20 août 2025 11:15 | 2 heures, 52 minutes ago
Description : A weakness has been identified in Emlog Pro up to 2.5.18. This issue affects some unknown processing of the file /admin/media.php?action=upload&sid=0. Executing manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57727 - JetBrains IntelliJ IDEA Remote Reference Credentials Disclosure Vulnerability
CVE ID : CVE-2025-57727
Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago
Description : In JetBrains IntelliJ IDEA before 2025.2 credentials disclosure was possible via remote reference
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57728 - JetBrains IntelliJ IDEA Code With Me Guest File Disclosure
CVE ID : CVE-2025-57728
Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago
Description : In JetBrains IntelliJ IDEA before 2025.2 improper access control allowed Code With Me guest to discover hidden files
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57729 - JetBrains IntelliJ IDEA Plugin Startup Vulnerability
CVE ID : CVE-2025-57729
Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago
Description : In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic LSP server start
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57730 - JetBrains IntelliJ IDEA HTML Injection Vulnerability
CVE ID : CVE-2025-57730
Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago
Description : In JetBrains IntelliJ IDEA before 2025.2 hTML injection was possible via Remote Development feature
Severity: 5.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57731
Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago
Description : In JetBrains YouTrack before 2025.2.92387 stored XSS was possible via Mermaid diagram content
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57732
Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago
Description : In JetBrains TeamCity before 2025.07.1 privilege escalation was possible due to incorrect directory ownership
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57733
Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago
Description : In JetBrains TeamCity before 2025.07.1 sMTP injection was possible allowing modification of email content
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57734
Published : 20 août 2025 10:15 | 3 heures, 52 minutes ago
Description : In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5260
Published : 20 août 2025 09:15 | 4 heures, 52 minutes ago
Description : Server-Side Request Forgery (SSRF) vulnerability in Pik Online Yazılım Çözümleri A.Ş. Pik Online allows Server Side Request Forgery.This issue affects Pik Online: before 3.1.5.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5261 - Pik Online Authorization Bypass Through User-Controlled Key
CVE ID : CVE-2025-5261
Published : 20 août 2025 09:15 | 4 heures, 52 minutes ago
Description : Authorization Bypass Through User-Controlled Key vulnerability in Pik Online Yazılım Çözümleri A.Ş. Pik Online allows Exploitation of Trusted Identifiers.This issue affects Pik Online: before 3.1.5.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9228 - MiR Text Note Authorization Bypass
CVE ID : CVE-2025-9228
Published : 20 août 2025 09:15 | 4 heures, 52 minutes ago
Description : MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes,
allowing low-privilege users to create notes which are intended only for administrative users.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9229 - MiR Error Handling Information Disclosure Vulnerability
CVE ID : CVE-2025-9229
Published : 20 août 2025 09:15 | 4 heures, 52 minutes ago
Description : Information disclosure vulnerability in error handling in MiR software prior to version 3.0.0 allows unauthenticated attackers to view detailed error information, such as file paths and other data, via access to verbose error pages.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-39954
Published : Aug. 20, 2025, 9:15 a.m. | 4 hours, 5 minutes ago
Description : CWE-918 Server-Side Request Forgery (SSRF) in eventmesh-runtime module in WebhookUtil.java on windows\linux\mac os e.g. allows the attacker can abuse functionality on the server to read or update internal resources.
Users are recommended to upgrade to version 1.12.0 or use the master branch , which fixes this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54677
Published : Aug. 20, 2025, 8:15 a.m. | 5 hours, 5 minutes ago
Description : Unrestricted Upload of File with Dangerous Type vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita allows Using Malicious Files. This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.5.3.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54713 - Magepeopleteam Taxi Booking Manager for WooCommerce Authentication Bypass
CVE ID : CVE-2025-54713
Published : Aug. 20, 2025, 8:15 a.m. | 5 hours, 5 minutes ago
Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in magepeopleteam Taxi Booking Manager for WooCommerce allows Authentication Abuse. This issue affects Taxi Booking Manager for WooCommerce: from n/a through 1.3.0.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54726 - Miguel Useche JS Archive List SQL Injection
CVE ID : CVE-2025-54726
Published : Aug. 20, 2025, 8:15 a.m. | 5 hours, 5 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Miguel Useche JS Archive List allows SQL Injection. This issue affects JS Archive List: from n/a through n/a.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54735
Published : Aug. 20, 2025, 8:15 a.m. | 5 hours, 5 minutes ago
Description : Incorrect Privilege Assignment vulnerability in Emraan Cheema CubeWP Framework allows Privilege Escalation. This issue affects CubeWP Framework: from n/a through 1.1.24.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54750
Published : Aug. 20, 2025, 8:15 a.m. | 5 hours, 5 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FunnelKit Funnel Builder by FunnelKit allows PHP Local File Inclusion. This issue affects Funnel Builder by FunnelKit: from n/a through 3.11.1.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55715 - Themeisle Otter - Gutenberg Block Sensitive Data Information Disclosure
CVE ID : CVE-2025-55715
Published : Aug. 20, 2025, 8:15 a.m. | 5 hours, 5 minutes ago
Description : Insertion of Sensitive Information Into Sent Data vulnerability in Themeisle Otter - Gutenberg Block allows Retrieve Embedded Sensitive Data. This issue affects Otter - Gutenberg Block: from n/a through 3.1.0.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9225 - MiR Robots and MiR Fleet Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-9225
Published : Aug. 20, 2025, 8:15 a.m. | 5 hours, 5 minutes ago
Description : Stored cross-site scripting (XSS) in the web interface of MiR software versions prior to 3.0.0 on MiR Robots and MiR Fleet allows execution of arbitrary JavaScript code in a victim’s browser
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54053 - Groundhogg Deserialization of Untrusted Data Object Injection
CVE ID : CVE-2025-54053
Published : Aug. 20, 2025, 8:15 a.m. | 3 hours, 33 minutes ago
Description : Deserialization of Untrusted Data vulnerability in Adrian Tobey Groundhogg allows Object Injection. This issue affects Groundhogg: from n/a through 4.2.2.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54055
Published : Aug. 20, 2025, 8:15 a.m. | 3 hours, 33 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Druco allows Reflected XSS. This issue affects Druco: from n/a through 1.5.2.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54056 - LambertGroup Responsive HTML5 Audio Player PRO With Playlist Cross-site Scripting
CVE ID : CVE-2025-54056
Published : Aug. 20, 2025, 8:15 a.m. | 3 hours, 33 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Responsive HTML5 Audio Player PRO With Playlist allows Reflected XSS. This issue affects Responsive HTML5 Audio Player PRO With Playlist: from n/a through 3.5.8.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54670
Published : Aug. 20, 2025, 8:15 a.m. | 3 hours, 33 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bobbingwide oik allows Reflected XSS. This issue affects oik: from n/a through 4.15.2.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54052
Published : Aug. 20, 2025, 8:15 a.m. | 3 hours, 5 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Realtyna Realtyna Organic IDX plugin allows PHP Local File Inclusion. This issue affects Realtyna Organic IDX plugin: from n/a through 5.0.0.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54031 - Schiocco Support Board PHP Remote File Inclusion Vulnerability
CVE ID : CVE-2025-54031
Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Schiocco Support Board allows PHP Local File Inclusion. This issue affects Support Board: from n/a through 3.8.0.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54032 - WebCodingPlace Real Estate Manager Pro Cross-site Scripting
CVE ID : CVE-2025-54032
Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebCodingPlace Real Estate Manager Pro allows Reflected XSS. This issue affects Real Estate Manager Pro: from n/a through 12.7.3.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54034
Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Tribulant Software Newsletters allows PHP Local File Inclusion. This issue affects Newsletters: from n/a through 4.10.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54040
Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago
Description : Missing Authorization vulnerability in Webba Appointment Booking Webba Booking allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Webba Booking: from n/a through 5.1.20.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54044 - CreativeMedia Elite Video Player Cross-site Scripting Vulnerability
CVE ID : CVE-2025-54044
Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in _CreativeMedia_ Elite Video Player allows Reflected XSS. This issue affects Elite Video Player: from n/a through 10.0.5.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54046
Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs Cost Calculator allows Stored XSS. This issue affects Cost Calculator: from n/a through 7.4.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54048 - miniOrange Custom API for WP SQL Injection
CVE ID : CVE-2025-54048
Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniOrange Custom API for WP allows SQL Injection. This issue affects Custom API for WP: from n/a through 4.2.2.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54049 - miniOrange Custom API for WP Privilege Escalation Vulnerability
CVE ID : CVE-2025-54049
Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 57 minutes ago
Description : Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP allows Privilege Escalation. This issue affects Custom API for WP: from n/a through 4.2.2.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54019
Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 10 minutes ago
Description : Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone allows Code Injection. This issue affects Alone: from n/a through n/a.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54021 - Mitchell Bennis Simple File List Path Traversal
CVE ID : CVE-2025-54021
Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 10 minutes ago
Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mitchell Bennis Simple File List allows Path Traversal. This issue affects Simple File List: from n/a through 6.1.14.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54025
Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 10 minutes ago
Description : Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon Affiliates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Coupon Affiliates: from n/a through 6.4.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54027 - Schiocco Support Board Cross-site Scripting
CVE ID : CVE-2025-54027
Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 10 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Schiocco Support Board allows Reflected XSS. This issue affects Support Board: from n/a through 3.8.0.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54028
Published : Aug. 20, 2025, 8:15 a.m. | 1 hour, 10 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Saleswonder Team Tobias CF7 WOW Styler allows PHP Local File Inclusion. This issue affects CF7 WOW Styler: from n/a through 1.7.2.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9202 - ColorMag WordPress Unauthorized Data Modification Vulnerability
CVE ID : CVE-2025-9202
Published : Aug. 20, 2025, 7:15 a.m. | 57 minutes ago
Description : The ColorMag theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the welcome_notice_import_handler() function in all versions up to, and including, 4.0.19. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install the ThemeGrill Demo Importer plugin.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53522 - Movable Type Email Password Reset Vulnerability
CVE ID : CVE-2025-53522
Published : Aug. 20, 2025, 5:15 a.m. | 2 hours, 57 minutes ago
Description : Movable Type contains an issue with use of less trusted source. If exploited, tampered email to reset a password may be sent by a remote unauthenticated attacker.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54551 - Synapse Mobility Web Parameter Privilege Escalation
CVE ID : CVE-2025-54551
Published : Aug. 20, 2025, 5:15 a.m. | 2 hours, 57 minutes ago
Description : Synapse Mobility 8.0, 8.0.1, 8.0.2, 8.1, and 8.1.1 contain a privilege escalation vulnerability through external control of Web parameter. If exploited, a user of the product may escalate the privilege and access data that the user do not have permission to view by altering the parameters of the search function.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55706
Published : Aug. 20, 2025, 5:15 a.m. | 2 hours, 57 minutes ago
Description : URL redirection to untrusted site ('Open Redirect') issue exists in Movable Type. If this vulnerability is exploited, an invalid parameter may be inserted into the password reset page, which may lead to redirection to an arbitrary URL.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8618
Published : Aug. 20, 2025, 5:15 a.m. | 2 hours, 57 minutes ago
Description : The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's woosq_btn shortcode in all versions up to, and including, 4.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57742 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-57742
Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57743
Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57744 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-57744
Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57745
Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57746 - Microsoft Azure Active Directory Authentication Bypass
CVE ID : CVE-2025-57746
Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57747 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-57747
Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57748 - Apache HTTP Server Local File Inclusion
CVE ID : CVE-2025-57748
Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57788 - Commvault Unauthenticated API Execution Vulnerability
CVE ID : CVE-2025-57788
Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago
Description : An issue was discovered in Commvault before 11.36.60. A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57789
Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago
Description : An issue was discovered in Commvault before 11.36.60. During the brief window between installation and the first administrator login, remote attackers may exploit the default credential to gain admin control. This is limited to the setup phase, before any jobs have been configured.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57790
Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago
Description : An issue was discovered in Commvault before 11.36.60. A security vulnerability has been identified that allows remote attackers to perform unauthorized file system access through a path traversal issue. The vulnerability may lead to remote code execution.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57791
Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 57 minutes ago
Description : An issue was discovered in Commvault before 11.36.60. A security vulnerability has been identified that allows remote attackers to inject or manipulate command-line arguments passed to internal components due to insufficient input validation. Successful exploitation results in a valid user session for a low privilege role.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54363 - Microsoft Knack Regular Expression Denial of Service (ReDoS)
CVE ID : CVE-2025-54363
Published : Aug. 20, 2025, 3:15 a.m. | 4 hours, 57 minutes ago
Description : Microsoft Knack 0.12.0 allows Regular expression Denial of Service (ReDoS) in the knack.introspection module (issue 1 of 2).
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54364 - Microsoft Knack Regular Expression Denial of Service (ReDoS)
CVE ID : CVE-2025-54364
Published : Aug. 20, 2025, 3:15 a.m. | 4 hours, 57 minutes ago
Description : Microsoft Knack 0.12.0 allows Regular expression Denial of Service (ReDoS) in the knack.introspection module (issue 2 of 2).
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8141
Published : Aug. 20, 2025, 3:15 a.m. | 4 hours, 57 minutes ago
Description : The Redirection for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_associated_files function in all versions up to, and including, 3.2.4. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8145 - "Contact Form 7 PHP Object Injection and RCE Vulnerability"
CVE ID : CVE-2025-8145
Published : Aug. 20, 2025, 3:15 a.m. | 4 hours, 57 minutes ago
Description : The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.4 via deserialization of untrusted input in the get_lead_fields function. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain in a Contact Form 7 plugin allows attackers to delete arbitrary files. Additionally, in certain server configurations, Remote Code Execution is possible
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8289 - "WordPress Redirection for Contact Form 7 PHP Object Injection Vulnerability"
CVE ID : CVE-2025-8289
Published : Aug. 20, 2025, 3:15 a.m. | 4 hours, 57 minutes ago
Description : The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.4 via deserialization of untrusted input in the delete_associated_files function. This makes it possible for unauthenticated attackers to inject a PHP Object. This vulnerability may be exploited by unauthenticated attackers when a form is present on the site with a file upload action, and doesn't affect sites with PHP version > 8. This vulnerability also requires the 'Redirection For Contact Form 7 Extension - Create Post' extension to be installed and activated in order to be exploited. No known POP chain is present in the vulnerable software, which means this vulnerability has no impact unless another plugin or theme containing a POP chain is installed on the site. If a POP chain is present via an additional plugin or theme installed on the target system, it may allow the attacker to perform actions like delete arbitrary files, retrieve sensitive data, or execute code depending on the POP chain present. We confirmed there is a usable gadget in Contact Form 7 plugin that makes arbitrary file deletion possible when installed with this plugin. Given Contact Form 7 is a requirement of this plugin, it is likely that any site with this plugin and the 'Redirection For Contact Form 7 Extension - Create Post' extension enabled is vulnerable to arbitrary file deletion.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-12223
Published : Aug. 20, 2025, 1:15 a.m. | 6 hours, 57 minutes ago
Description : Prism Central versions prior to 2024.3.1 are vulnerable to a stored cross-site scripting attack via the Events component, allowing an attacker to hijack a victim user’s session and perform actions in their security context.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9132 - Google Chrome V8 Out-of-Bounds Heap Corruption Vulnerability
CVE ID : CVE-2025-9132
Published : Aug. 20, 2025, 1:15 a.m. | 6 hours, 57 minutes ago
Description : Out of bounds write in V8 in Google Chrome prior to 139.0.7258.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9176 - Neurobin shc OS Command Injection Vulnerability
CVE ID : CVE-2025-9176
Published : Aug. 20, 2025, 12:15 a.m. | 7 hours, 57 minutes ago
Description : A security flaw has been discovered in neurobin shc up to 4.0.3. Impacted is the function make of the file src/shc.c of the component Environment Variable Handler. The manipulation results in os command injection. The attack is only possible with local access. The exploit has been released to the public and may be exploited.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9193 - TOTVS Portal Meu RH Open Redirect Vulnerability
CVE ID : CVE-2025-9193
Published : Aug. 20, 2025, 12:15 a.m. | 7 hours, 57 minutes ago
Description : A flaw has been found in TOTVS Portal Meu RH up to 12.1.17. Impacted is an unknown function of the component Password Reset Handler. Executing manipulation of the argument redirectUrl can lead to open redirect. The attack may be performed from a remote location. The exploit has been published and may be used. Upgrading to version 12.1.2410.274, 12.1.2502.178 and 12.1.2506.121 is recommended to address this issue. It is recommended to upgrade the affected component. The vendor explains, that "[o]ur internal validation (...) confirms that the reported behavior does not exist in currently supported releases. In these tests, the redirectUrl parameter is ignored, and no malicious redirection occurs." This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9175
Published : Aug. 19, 2025, 11:15 p.m. | 7 hours, 46 minutes ago
Description : A vulnerability was identified in neurobin shc up to 4.0.3. This issue affects the function make of the file src/shc.c. The manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9171
Published : Aug. 19, 2025, 11:15 p.m. | 5 hours, 27 minutes ago
Description : A security flaw has been discovered in SolidInvoice up to 2.4.0. The impacted element is an unknown function of the file /clients of the component Clients Module. Performing manipulation of the argument Name results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9174 - Neurobin Shc OS Command Injection Vulnerability
CVE ID : CVE-2025-9174
Published : Aug. 19, 2025, 11:15 p.m. | 5 hours, 27 minutes ago
Description : A vulnerability was determined in neurobin shc up to 4.0.3. This vulnerability affects the function make of the file src/shc.c of the component Filename Handler. Executing manipulation can lead to os command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9169
Published : Aug. 19, 2025, 10:15 p.m. | 6 hours, 27 minutes ago
Description : A vulnerability was determined in SolidInvoice up to 2.4.0. Impacted is an unknown function of the file /quotes of the component Quote Module. This manipulation of the argument Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9170
Published : Aug. 19, 2025, 10:15 p.m. | 6 hours, 27 minutes ago
Description : A vulnerability was identified in SolidInvoice up to 2.4.0. The affected element is an unknown function of the file /tax/rates of the component Tax Rates Module. Such manipulation of the argument Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9167
Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago
Description : A vulnerability has been found in SolidInvoice up to 2.4.0. This vulnerability affects unknown code of the file /invoice/recurring of the component Recurring Invoice Module. The manipulation of the argument client name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9168
Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago
Description : A vulnerability was found in SolidInvoice up to 2.4.0. This issue affects some unknown processing of the file /invoice of the component Invoice Creation Module. The manipulation of the argument Client Name results in cross site scripting. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9179
Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago
Description : An attacker was able to perform memory corruption in the GMP process which processes encrypted media. This process is also heavily sandboxed, but represents slightly different privileges from the content process. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9180 - "Firefox/Thunderbird Same-Origin Policy Bypass in Graphics: Canvas2D"
CVE ID : CVE-2025-9180
Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago
Description : 'Same-origin policy bypass in the Graphics: Canvas2D component.' This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9181 - Mozilla Firefox JavaScript Engine Uninitialized Memory Vulnerability
CVE ID : CVE-2025-9181
Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago
Description : Uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 142, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9182
Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago
Description : 'Denial-of-service due to out-of-memory in the Graphics: WebRender component.' This vulnerability affects Firefox < 142, Firefox ESR < 140.2, Thunderbird < 142, and Thunderbird < 140.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9183 - Firefox Spoofing Address Bar Vulnerability
CVE ID : CVE-2025-9183
Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago
Description : Spoofing issue in the Address Bar component. This vulnerability affects Firefox < 142 and Firefox ESR < 140.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9184
Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago
Description : Memory safety bugs present in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142, Firefox ESR < 140.2, Thunderbird < 142, and Thunderbird < 140.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9185 - Mozilla Firefox/Thunderbird Memory Corruption Vulnerabilities
CVE ID : CVE-2025-9185
Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago
Description : Memory safety bugs present in Firefox ESR 115.26, Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142, Firefox ESR < 115.27, Firefox ESR < 128.14, Firefox ESR < 140.2, Thunderbird < 142, Thunderbird < 128.14, and Thunderbird < 140.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9186 - Firefox Focus for Android URL Spoofing Vulnerability
CVE ID : CVE-2025-9186
Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago
Description : Spoofing issue in the Address Bar component of Firefox Focus for Android. This vulnerability affects Firefox < 142.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9187
Published : Aug. 19, 2025, 9:15 p.m. | 6 hours, 28 minutes ago
Description : Memory safety bugs present in Firefox 141 and Thunderbird 141. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 142 and Thunderbird < 142.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55032 - Focus for iOS MIME Type Vulnerability
CVE ID : CVE-2025-55032
Published : Aug. 19, 2025, 9:15 p.m. | 5 hours, 42 minutes ago
Description : Focus for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline, potentially allowing for XSS attacks This vulnerability affects Focus for iOS < 142.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55033 - Focus for iOS JavaScript Injection Vulnerability
CVE ID : CVE-2025-55033
Published : Aug. 19, 2025, 9:15 p.m. | 5 hours, 42 minutes ago
Description : Dragging JavaScript links to the URL bar in Focus for iOS could be utilized to run malicious scripts, potentially resulting in XSS attacks This vulnerability affects Focus for iOS < 142.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8041 - Firefox for Android URL Truncation Vulnerability
CVE ID : CVE-2025-8041
Published : Aug. 19, 2025, 9:15 p.m. | 5 hours, 42 minutes ago
Description : In the address bar, Firefox for Android truncated the display of URLs from the end instead of prioritizing the origin. This vulnerability affects Firefox < 141.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8042 - Firefox for Android Cross-Site Download Vulnerability
CVE ID : CVE-2025-8042
Published : Aug. 19, 2025, 9:15 p.m. | 5 hours, 42 minutes ago
Description : Firefox for Android allowed a sandboxed iframe without the `allow-downloads` attribute to start downloads. This vulnerability affects Firefox < 141.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8364 - Mozilla Firefox Android URI Spoofing Vulnerability
CVE ID : CVE-2025-8364
Published : Aug. 19, 2025, 9:15 p.m. | 5 hours, 42 minutes ago
Description : A crafted URL using a blob: URI could have hidden the true origin of the page, resulting in a potential spoofing attack.
*Note: This issue only affected Android operating systems. Other operating systems are unaffected.* This vulnerability affects Firefox < 141.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55030 - Firefox for iOS MIME Type Misinterpretation Vulnerability
CVE ID : CVE-2025-55030
Published : Aug. 19, 2025, 9:15 p.m. | 3 hours, 54 minutes ago
Description : Firefox for iOS would not respect a Content-Disposition header of type Attachment and would incorrectly display the content inline rather than downloading, potentially allowing for XSS attacks This vulnerability affects Firefox for iOS < 142.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55031 - Firefox for iOS Bluetooth Hybrid Passkey Transport Vulnerability
CVE ID : CVE-2025-55031
Published : Aug. 19, 2025, 9:15 p.m. | 3 hours, 54 minutes ago
Description : Malicious pages could use Firefox for iOS to pass FIDO: links to the OS and trigger the hybrid passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. This vulnerability affects Firefox for iOS < 142 and Focus for iOS < 142.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54143 - Mozilla Firefox for iOS Cross-Site Download
CVE ID : CVE-2025-54143
Published : Aug. 19, 2025, 9:15 p.m. | 57 minutes ago
Description : Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the expected sandbox restrictions declared on the parent page This vulnerability affects Firefox for iOS < 141.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54144 - "Firefox for iOS URL Scheme Clickjacking Vulnerability"
CVE ID : CVE-2025-54144
Published : Aug. 19, 2025, 9:15 p.m. | 57 minutes ago
Description : The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow attackers to open arbitrary website URLs or internal pages if a user was tricked into clicking a link This vulnerability affects Firefox for iOS < 141.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54145 - Firefox for iOS QR Scanner Code Injection Vulnerability
CVE ID : CVE-2025-54145
Published : Aug. 19, 2025, 9:15 p.m. | 57 minutes ago
Description : The QR scanner could allow arbitrary websites to be opened if a user was tricked into scanning a malicious link that leveraged Firefox's open-text URL scheme This vulnerability affects Firefox for iOS < 141.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55028 - Firefox for iOS JavaScript Alert Denial of Service
CVE ID : CVE-2025-55028
Published : Aug. 19, 2025, 9:15 p.m. | 57 minutes ago
Description : Malicious scripts utilizing repetitive JavaScript alerts could prevent client user interaction in some scenarios and allow for denial of service attacks This vulnerability affects Firefox for iOS < 142.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55029 - Firefox for iOS Script Injection Vulnerability
CVE ID : CVE-2025-55029
Published : Aug. 19, 2025, 9:15 p.m. | 57 minutes ago
Description : Malicious scripts could bypass the popup blocker to spam new tabs, potentially resulting in denial of service attacks This vulnerability affects Firefox for iOS < 142.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9157 - Appneta Tcpreplay Use After Free Vulnerability
CVE ID : CVE-2025-9157
Published : Aug. 19, 2025, 8:15 p.m. | 1 hour, 56 minutes ago
Description : A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. The impacted element is the function untrunc_packet of the file src/tcpedit/edit_packet.c of the component tcprewrite. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been publicly disclosed and may be utilized. This patch is called 73008f261f1cdf7a1087dc8759115242696d35da. Applying a patch is advised to resolve this issue.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9165
Published : Aug. 19, 2025, 8:15 p.m. | 1 hour, 56 minutes ago
Description : A flaw has been found in LibTIFF 4.7.0. This affects the function _TIFFmallocExt/_TIFFCheckRealloc/TIFFHashSetNew/InitCCITTFax3 of the file tools/tiffcmp.c of the component tiffcmp. Executing manipulation can lead to memory leak. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ed141286a37f6e5ddafb5069347ff5d587e7a4e0. It is best practice to apply a patch to resolve this issue.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2988 - IBM Sterling B2B Integrator and IBM Sterling File Gateway Information Disclosure
CVE ID : CVE-2025-2988
Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago
Description : IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disclose sensitive server information to an unauthorized user that could aid in further attacks against the system.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43743 - Liferay Portal Information Disclosure
CVE ID : CVE-2025-43743
Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago
Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows any authenticated remote user to view other calendars by allowing them to enumerate the names of other users, given an attacker the possibility to send phishing to these users.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43744
Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago
Description : A stored DOM-based Cross-Site Scripting (XSS) vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.5, 2025.Q1.0 through 2025.Q1.15, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.19 and 7.4 GA through update 92 exists in the Asset Publisher configuration UI within the Source.js module. This vulnerability allows attackers to inject arbitrary JavaScript via DDM structure field labels which are then inserted into the DOM using innerHTML without proper encoding.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50926 - Easy Hosting Control Panel EHCP SQL Injection Vulnerability
CVE ID : CVE-2025-50926
Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago
Description : Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection vulnerability via the id parameter in the List All Email Addresses function.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51543
Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago
Description : An issue was discovered in Cicool builder 3.4.4 allowing attackers to reset the administrator's password via the /administrator/auth/reset_password endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52337
Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago
Description : An authenticated arbitrary file upload vulnerability in the Content Explorer feature of LogicData eCommerce Framework v5.0.9.7000 allows attackers to execute arbitrary code via uploading a crafted file.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55737
Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago
Description : flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, when deleting a comment, there's no validation of the ownership of the comment. Every user can delete an arbitrary comment of another user on every post, by simply intercepting the delete request and changing the commentID. The code that causes the problem is in routes/post.py.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55740
Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago
Description : nginx-defender is a high-performance, enterprise-grade Web Application Firewall (WAF) and threat detection system engineered for modern web infrastructure. This is a configuration vulnerability affecting nginx-defender deployments. Example configuration files
config.yaml and docker-compose.yml contain default credentials (default_password: "change_me_please", GF_SECURITY_ADMIN_PASSWORD=admin123). If users deploy nginx-defender without changing these defaults, attackers with network access could gain administrative control, bypassing security protections. The issue is addressed in v1.5.0 and later.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9155 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9155
Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago
Description : A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Impacted is an unknown function of the file /user/forget_password.php. Such manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9156 - iSourcecode Sports Management System SQL Injection
CVE ID : CVE-2025-9156
Published : Aug. 19, 2025, 8:15 p.m. | 37 minutes ago
Description : A vulnerability was found in itsourcecode Sports Management System 1.0. The affected element is an unknown function of the file /Admin/sports.php. Performing manipulation of the argument code results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-33008 - IBM Sterling B2B Integrator Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-33008
Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago
Description : IBM Sterling B2B Integrator 6.2.1.0 and IBM Sterling File Gateway 6.2.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43737
Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8 and 2025.Q1.0 through 2025.Q1.15 allows a remote authenticated user to inject JavaScript code via _com_liferay_journal_web_portlet_JournalPortlet_backURL parameter.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43745
Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago
Description : A CSRF vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.7, 2025.Q1.0 through 2025.Q1.14, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.19 and 7.4 GA through update 92 allows remote attackers to performs cross-origin request on behalf of the authenticated user via the endpoint parameter.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50891 - Adform Site Tracking Cross-Site Scripting (XSS)
CVE ID : CVE-2025-50891
Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago
Description : Adform Site Tracking 1.1 allows attackers to inject HTML or execute arbitrary code via cookie hijacking.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52338
Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago
Description : An issue in the default configuration of the password reset function in LogicData eCommerce Framework v5.0.9.7000 allows attackers to bypass authentication and compromise user accounts via a bruteforce attack.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55303
Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago
Description : Astro is a web framework for content-driven websites. In versions of astro before 5.13.2 and 4.16.18, the image optimization endpoint in projects deployed with on-demand rendering allows images from unauthorized third-party domains to be served. On-demand rendered sites built with Astro include an /_image endpoint which returns optimized versions of images. A bug in impacted versions of astro allows an attacker to bypass the third-party domain restrictions by using a protocol-relative URL as the image source, e.g. /_image?href=//example.com/image.png. This vulnerability is fixed in 5.13.2 and 4.16.18.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55306 - GenX FX Exposed API Keys and Authentication Tokens
CVE ID : CVE-2025-55306
Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago
Description : GenX_FX is an advance IA trading platform that will focus on forex trading. A vulnerability was identified in the GenX FX backend where API keys and authentication tokens may be exposed if environment variables are misconfigured. Unauthorized users could gain access to cloud resources (Google Cloud, Firebase, GitHub, etc.).
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55733
Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago
Description : DeepChat is a smart assistant that connects powerful AI to your personal world. DeepChat before 0.3.1 has a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted deepchat: URL on any website, including a malicious one they control. When a victim visits such a site or clicks on the link, the browser triggers the app’s custom URL handler (deepchat:), causing the DeepChat application to launch and process the URL, leading to remote code execution on the victim’s machine. This vulnerability is fixed in 0.3.1.
Severity: 9.6 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55734 - FlaskBlog Unauthenticated Access to Sensitive Pages
CVE ID : CVE-2025-55734
Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago
Description : flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, the code checks if the userRole is "admin" only when visiting the /admin page, but not when visiting its subroutes. Specifically, only the file routes/adminPanel.py checks the user role when a user is trying to access the admin page, but that control is not done for the pages routes/adminPanelComments.py and routes/adminPanelPosts.py. Thus, an unauthorized user can bypass the intended restrictions, leaking sensitive data and accessing the following pages: /admin/posts, /adminpanel/posts, /admin/comments, and /adminpanel/comments.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55735
Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago
Description : flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, when creating a post, there's no validation of the content of the post stored in the variable "postContent". The vulnerability arises when displaying the content of the post using the | safe filter, that tells the engine to not escape the rendered content. This can lead to a stored XSS inside the content of the post. The code that causes the problem is in template/routes.html.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55736 - FlaskBlog Role Elevation Vulnerability
CVE ID : CVE-2025-55736
Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago
Description : flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, an arbitrary user can change his role to "admin", giving its relative privileges (e.g. delete users, posts, comments etc.). The problem is in the routes/adminPanelUsers file.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9153 - iSourcecode Online Tour and Travel Management System File Upload Vulnerability
CVE ID : CVE-2025-9153
Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago
Description : A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument photo results in unrestricted upload. The attack can be launched remotely. The exploit is now public and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9154 - iSourcecode Online Tour and Travel Management System SQL Injection
CVE ID : CVE-2025-9154
Published : Aug. 19, 2025, 7:15 p.m. | 1 hour, 37 minutes ago
Description : A flaw has been found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /user/page-login.php. This manipulation of the argument email causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-44373 - AllSky Path Traversal Web Shell RCE
CVE ID : CVE-2024-44373
Published : Aug. 19, 2025, 7:15 p.m. | 52 minutes ago
Description : A Path Traversal vulnerability in AllSky v2023.05.01_04 allows an unauthenticated attacker to create a webshell and remote code execution via the path, content parameter to /includes/save_file.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31988 - HCL Digital Experience Cross-Site Scripting (XSS) Vulnerability
CVE ID : CVE-2025-31988
Published : Aug. 19, 2025, 7:15 p.m. | 52 minutes ago
Description : HCL Digital Experience is susceptible to cross site scripting (XSS) in an administrative UI with restricted access.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55153 - Apache HTTP Server XML Entity Injection
CVE ID : CVE-2025-55153
Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 52 minutes ago
Description : Rejected reason: This CVE is a duplicate of another CVE.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55294
Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 52 minutes ago
Description : screenshot-desktop allows capturing a screenshot of your local machine. This vulnerability is a command injection issue. When user-controlled input is passed into the format option of the screenshot function, it is interpolated into a shell command without sanitization. This results in arbitrary command execution with the privileges of the calling process. This vulnerability is fixed in 1.15.2.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55295
Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 52 minutes ago
Description : qBit Manage is a tool that helps manage tedious tasks in qBittorrent and automate them. A path traversal vulnerability exists in qbit_manage's web API that allows authenticated users to read arbitrary files from the server filesystem through the restore_config_from_backup endpoint. The vulnerability allows attackers to bypass directory restrictions and read arbitrary files from the server filesystem by manipulating the backup_id parameter with path traversal sequences (e.g., ../). This vulnerability is fixed in 4.5.4.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8450
Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 52 minutes ago
Description : Improper Access Control issue in the Workflow component of Fortra's FileCatalyst allows unauthenticated users to upload arbitrary files via the order forms page.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9149
Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 52 minutes ago
Description : A vulnerability was determined in Wavlink WL-NU516U1 M16U1_V240425. This impacts the function sub_4032E4 of the file /cgi-bin/wireless.cgi. This manipulation of the argument Guest_ssid causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9150
Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 52 minutes ago
Description : A vulnerability was identified in Surbowl dormitory-management-php up to 9f1d9d1f528cabffc66fda3652c56ff327fda317. Affected is an unknown function of the file /admin/violation_add.php?id=2. Such manipulation of the argument ID leads to sql injection. The attack may be performed from a remote location. The exploit is publicly available and might be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9151
Published : Aug. 19, 2025, 6:15 p.m. | 1 hour, 52 minutes ago
Description : A security flaw has been discovered in LiuYuYang01 ThriveX-Blog up to 3.1.7. Affected by this vulnerability is the function updateJsonValueByName of the file /web_config/json/name/web. Performing manipulation results in improper authorization. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54881
Published : Aug. 19, 2025, 5:15 p.m. | 2 hours, 52 minutes ago
Description : Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. In the default configuration of mermaid 10.9.0-rc.1 to 11.9.0, user supplied input for sequence diagram labels is passed to innerHTML during calculation of element size, causing XSS.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9147
Published : Aug. 19, 2025, 5:15 p.m. | 2 hours, 52 minutes ago
Description : A vulnerability has been found in jasonclark getsemantic up to 040c96eb8cf9947488bd01b8de99b607b0519f7d. The impacted element is an unknown function of the file /index.php. The manipulation of the argument view leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9148
Published : Aug. 19, 2025, 5:15 p.m. | 2 hours, 52 minutes ago
Description : A vulnerability was found in CodePhiliaX Chat2DB up to 0.3.7. This affects an unknown function of the file ai/chat2db/server/web/api/controller/data/source/DataSourceController.java of the component JDBC Connection Handler. The manipulation results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38605
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type()
In ath12k_dp_tx_get_encap_type(), the arvif parameter is only used to
retrieve the ab pointer. In vdev delete sequence the arvif->ar could
become NULL and that would trigger kernel panic.
Since the caller ath12k_dp_tx() already has a valid ab pointer, pass it
directly to avoid panic and unnecessary dereferencing.
PC points to "ath12k_dp_tx+0x228/0x988 [ath12k]"
LR points to "ath12k_dp_tx+0xc8/0x988 [ath12k]".
The Backtrace obtained is as follows:
ath12k_dp_tx+0x228/0x988 [ath12k]
ath12k_mac_tx_check_max_limit+0x608/0x920 [ath12k]
ieee80211_process_measurement_req+0x320/0x348 [mac80211]
ieee80211_tx_dequeue+0x9ac/0x1518 [mac80211]
ieee80211_tx_dequeue+0xb14/0x1518 [mac80211]
ieee80211_tx_prepare_skb+0x224/0x254 [mac80211]
ieee80211_xmit+0xec/0x100 [mac80211]
__ieee80211_subif_start_xmit+0xc50/0xf40 [mac80211]
ieee80211_subif_start_xmit+0x2e8/0x308 [mac80211]
netdev_start_xmit+0x150/0x18c
dev_hard_start_xmit+0x74/0xc0
Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38606 - Linux Kernel WiFi ath12k: Null Pointer Deref in Beacon Miss Handling
CVE ID : CVE-2025-38606
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
wifi: ath12k: Avoid accessing uninitialized arvif->ar during beacon miss
During beacon miss handling, ath12k driver iterates over active virtual
interfaces (vifs) and attempts to access the radio object (ar) via
arvif->deflink->ar.
However, after commit aa80f12f3bed ("wifi: ath12k: defer vdev creation for
MLO"), arvif is linked to a radio only after vdev creation, typically when
a channel is assigned or a scan is requested.
For P2P capable devices, a default P2P interface is created by
wpa_supplicant along with regular station interfaces, these serve as dummy
interfaces for P2P-capable stations, lack an associated netdev and initiate
frequent scans to discover neighbor p2p devices. When a scan is initiated
on such P2P vifs, driver selects destination radio (ar) based on scan
frequency, creates a scan vdev, and attaches arvif to the radio. Once the
scan completes or is aborted, the scan vdev is deleted, detaching arvif
from the radio and leaving arvif->ar uninitialized.
While handling beacon miss for station interfaces, P2P interface is also
encountered in the vif iteration and ath12k_mac_handle_beacon_miss_iter()
tries to dereference the uninitialized arvif->deflink->ar.
Fix this by verifying that vdev is created for the arvif before accessing
its ar during beacon miss handling and similar vif iterator callbacks.
==========================================================================
wlp6s0: detected beacon loss from AP (missed 7 beacons) - probing
KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]
CPU: 5 UID: 0 PID: 0 Comm: swapper/5 Not tainted 6.16.0-rc1-wt-ath+ #2 PREEMPT(full)
RIP: 0010:ath12k_mac_handle_beacon_miss_iter+0xb5/0x1a0 [ath12k]
Call Trace:
__iterate_interfaces+0x11a/0x410 [mac80211]
ieee80211_iterate_active_interfaces_atomic+0x61/0x140 [mac80211]
ath12k_mac_handle_beacon_miss+0xa1/0xf0 [ath12k]
ath12k_roam_event+0x393/0x560 [ath12k]
ath12k_wmi_op_rx+0x1486/0x28c0 [ath12k]
ath12k_htc_process_trailer.isra.0+0x2fb/0x620 [ath12k]
ath12k_htc_rx_completion_handler+0x448/0x830 [ath12k]
ath12k_ce_recv_process_cb+0x549/0x9e0 [ath12k]
ath12k_ce_per_engine_service+0xbe/0xf0 [ath12k]
ath12k_pci_ce_workqueue+0x69/0x120 [ath12k]
process_one_work+0xe3a/0x1430
Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1
Tested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.1.c5-00284.1-QCAHMTSWPL_V1.0_V2.0_SILICONZ-3
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38607 - Linux Kernel BPF Conditional Jump Vulnerability
CVE ID : CVE-2025-38607
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
bpf: handle jset (if a & b ...) as a jump in CFG computation
BPF_JSET is a conditional jump and currently verifier.c:can_jump()
does not know about that. This can lead to incorrect live registers
and SCC computation.
E.g. in the following example:
1: r0 = 1;
2: r2 = 2;
3: if r1 & 0x7 goto +1;
4: exit;
5: r0 = r2;
6: exit;
W/o this fix insn_successors(3) will return only (4), a jump to (5)
would be missed and r2 won't be marked as alive at (3).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38608 - Linux Kernel ktls Uninitialized Data Corruption
CVE ID : CVE-2025-38608
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls
When sending plaintext data, we initially calculated the corresponding
ciphertext length. However, if we later reduced the plaintext data length
via socket policy, we failed to recalculate the ciphertext length.
This results in transmitting buffers containing uninitialized data during
ciphertext transmission.
This causes uninitialized bytes to be appended after a complete
"Application Data" packet, leading to errors on the receiving end when
parsing TLS record.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38609 - Linux Kernel Null Pointer Dereference in devfreq Governor
CVE ID : CVE-2025-38609
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
PM / devfreq: Check governor before using governor->name
Commit 96ffcdf239de ("PM / devfreq: Remove redundant governor_name from
struct devfreq") removes governor_name and uses governor->name to replace
it. But devfreq->governor may be NULL and directly using
devfreq->governor->name may cause null pointer exception. Move the check of
governor to before using governor->name.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38610 - Linux Powercap DTPM CPU NULL Pointer Dereference
CVE ID : CVE-2025-38610
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw()
The get_pd_power_uw() function can crash with a NULL pointer dereference
when em_cpu_get() returns NULL. This occurs when a CPU becomes impossible
during runtime, causing get_cpu_device() to return NULL, which propagates
through em_cpu_get() and leads to a crash when em_span_cpus() dereferences
the NULL pointer.
Add a NULL check after em_cpu_get() and return 0 if unavailable,
matching the existing fallback behavior in __dtpm_cpu_setup().
[ rjw: Drop an excess empty code line ]
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38611 - Linux Kernel vmci Information Leak Vulnerability
CVE ID : CVE-2025-38611
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
vmci: Prevent the dispatching of uninitialized payloads
The reproducer executes the host's unlocked_ioctl call in two different
tasks. When init_context fails, the struct vmci_event_ctx is not fully
initialized when executing vmci_datagram_dispatch() to send events to all
vm contexts. This affects the datagram taken from the datagram queue of
its context by another task, because the datagram payload is not initialized
according to the size payload_size, which causes the kernel data to leak
to the user space.
Before dispatching the datagram, and before setting the payload content,
explicitly set the payload content to 0 to avoid data leakage caused by
incomplete payload initialization.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38612 - Linux Kernel Fbtft Framebuffer Memory Leak Vulnerability
CVE ID : CVE-2025-38612
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc()
In the error paths after fb_info structure is successfully allocated,
the memory allocated in fb_deferred_io_init() for info->pagerefs is not
freed. Fix that by adding the cleanup function on the error path.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38613 - Linux Kernel GPib Buffer Overflow
CVE ID : CVE-2025-38613
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
staging: gpib: fix unset padding field copy back to userspace
The introduction of a padding field in the gpib_board_info_ioctl is
showing up as initialized data on the stack frame being copyied back
to userspace in function board_info_ioctl. The simplest fix is to
initialize the entire struct to zero to ensure all unassigned padding
fields are zero'd before being copied back to userspace.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38614 - Linux Kernel Eventpoll Recursive Depth Unlimited Link Formation Vulnerability
CVE ID : CVE-2025-38614
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
eventpoll: Fix semi-unbounded recursion
Ensure that epoll instances can never form a graph deeper than
EP_MAX_NESTS+1 links.
Currently, ep_loop_check_proc() ensures that the graph is loop-free and
does some recursion depth checks, but those recursion depth checks don't
limit the depth of the resulting tree for two reasons:
- They don't look upwards in the tree.
- If there are multiple downwards paths of different lengths, only one of
the paths is actually considered for the depth check since commit
28d82dc1c4ed ("epoll: limit paths").
Essentially, the current recursion depth check in ep_loop_check_proc() just
serves to prevent it from recursing too deeply while checking for loops.
A more thorough check is done in reverse_path_check() after the new graph
edge has already been created; this checks, among other things, that no
paths going upwards from any non-epoll file with a length of more than 5
edges exist. However, this check does not apply to non-epoll files.
As a result, it is possible to recurse to a depth of at least roughly 500,
tested on v6.15. (I am unsure if deeper recursion is possible; and this may
have changed with commit 8c44dac8add7 ("eventpoll: Fix priority inversion
problem").)
To fix it:
1. In ep_loop_check_proc(), note the subtree depth of each visited node,
and use subtree depths for the total depth calculation even when a subtree
has already been visited.
2. Add ep_get_upwards_depth_proc() for similarly determining the maximum
depth of an upwards walk.
3. In ep_loop_check(), use these values to limit the total path length
between epoll nodes to EP_MAX_NESTS edges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38615 - "NTFS3 Linux Kernel Live Inode Eviction Vulnerability"
CVE ID : CVE-2025-38615
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: cancle set bad inode after removing name fails
The reproducer uses a file0 on a ntfs3 file system with a corrupted i_link.
When renaming, the file0's inode is marked as a bad inode because the file
name cannot be deleted.
The underlying bug is that make_bad_inode() is called on a live inode.
In some cases it's "icache lookup finds a normal inode, d_splice_alias()
is called to attach it to dentry, while another thread decides to call
make_bad_inode() on it - that would evict it from icache, but we'd already
found it there earlier".
In some it's outright "we have an inode attached to dentry - that's how we
got it in the first place; let's call make_bad_inode() on it just for shits
and giggles".
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51506 - HRForecast Suite SmartLibrary SQL Injection Vulnerability
CVE ID : CVE-2025-51506
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : In the smartLibrary component of the HRForecast Suite 0.4.3, a SQL injection vulnerability was discovered in the valueKey parameter. This flaw enables any authenticated user to execute arbitrary SQL queries, via crafted payloads to valueKey to the api/smartlibrary/v2/en/dictionaries/options/lookup endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52478
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : n8n is a workflow automation platform. From 1.77.0 to before 1.98.2, a stored Cross-Site Scripting (XSS) vulnerability was identified in n8n, specifically in the Form Trigger node's HTML form element. An authenticated attacker can inject malicious HTML via an
CVE ID : CVE-2025-54411
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : Discourse is an open-source discussion platform. Welcome banner user name string for logged in users can be vulnerable to XSS attacks, which affect the user themselves or an admin impersonating them. Admins can temporarily alter the welcome_banner.header.logged_in_members site text to remove the preferred_display_name placeholder, or not impersonate
any users for the time being. This vulnerability is fixed in 3.5.0.beta8.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54880 - Mermaid Cross Site Scripting (XSS) Vulnerability
CVE ID : CVE-2025-54880
Published : Aug. 19, 2025, 5:15 p.m. | 1 hour, 37 minutes ago
Description : Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. In the default configuration of mermaid 11.9.0 and earlier, user supplied input for architecture diagram icons is passed to the d3 html() method, creating a sink for cross site scripting. This vulnerability is fixed in 11.10.0.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38599
Published : Aug. 19, 2025, 5:15 p.m. | 54 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: mt7996: Fix possible OOB access in mt7996_tx()
Fis possible Out-Of-Boundary access in mt7996_tx routine if link_id is
set to IEEE80211_LINK_UNSPECIFIED
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38600
Published : Aug. 19, 2025, 5:15 p.m. | 54 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: mt7925: fix off by one in mt7925_mcu_hw_scan()
The ssid->ssids[] and sreq->ssids[] arrays have MT7925_RNR_SCAN_MAX_BSSIDS
elements so this >= needs to be > to prevent an out of bounds access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38601 - Qualcomm Atheros Wi-Fi ath11k: Page Fault due to Uninitialized Flag
CVE ID : CVE-2025-38601
Published : Aug. 19, 2025, 5:15 p.m. | 54 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
wifi: ath11k: clear initialized flag for deinit-ed srng lists
In a number of cases we see kernel panics on resume due
to ath11k kernel page fault, which happens under the
following circumstances:
1) First ath11k_hal_dump_srng_stats() call
Last interrupt received for each group:
ath11k_pci 0000:01:00.0: group_id 0 22511ms before
ath11k_pci 0000:01:00.0: group_id 1 14440788ms before
[..]
ath11k_pci 0000:01:00.0: failed to receive control response completion, polling..
ath11k_pci 0000:01:00.0: Service connect timeout
ath11k_pci 0000:01:00.0: failed to connect to HTT: -110
ath11k_pci 0000:01:00.0: failed to start core: -110
ath11k_pci 0000:01:00.0: firmware crashed: MHI_CB_EE_RDDM
ath11k_pci 0000:01:00.0: already resetting count 2
ath11k_pci 0000:01:00.0: failed to wait wlan mode request (mode 4): -110
ath11k_pci 0000:01:00.0: qmi failed to send wlan mode off: -110
ath11k_pci 0000:01:00.0: failed to reconfigure driver on crash recovery
[..]
2) At this point reconfiguration fails (we have 2 resets) and
ath11k_core_reconfigure_on_crash() calls ath11k_hal_srng_deinit()
which destroys srng lists. However, it does not reset per-list
->initialized flag.
3) Second ath11k_hal_dump_srng_stats() call sees stale ->initialized
flag and attempts to dump srng stats:
Last interrupt received for each group:
ath11k_pci 0000:01:00.0: group_id 0 66785ms before
ath11k_pci 0000:01:00.0: group_id 1 14485062ms before
ath11k_pci 0000:01:00.0: group_id 2 14485062ms before
ath11k_pci 0000:01:00.0: group_id 3 14485062ms before
ath11k_pci 0000:01:00.0: group_id 4 14780845ms before
ath11k_pci 0000:01:00.0: group_id 5 14780845ms before
ath11k_pci 0000:01:00.0: group_id 6 14485062ms before
ath11k_pci 0000:01:00.0: group_id 7 66814ms before
ath11k_pci 0000:01:00.0: group_id 8 68997ms before
ath11k_pci 0000:01:00.0: group_id 9 67588ms before
ath11k_pci 0000:01:00.0: group_id 10 69511ms before
BUG: unable to handle page fault for address: ffffa007404eb010
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 100000067 P4D 100000067 PUD 10022d067 PMD 100b01067 PTE 0
Oops: 0000 [#1] PREEMPT SMP NOPTI
RIP: 0010:ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k]
Call Trace:
? __die_body+0xae/0xb0
? page_fault_oops+0x381/0x3e0
? exc_page_fault+0x69/0xa0
? asm_exc_page_fault+0x22/0x30
? ath11k_hal_dump_srng_stats+0x2b4/0x3b0 [ath11k (HASH:6cea 4)]
ath11k_qmi_driver_event_work+0xbd/0x1050 [ath11k (HASH:6cea 4)]
worker_thread+0x389/0x930
kthread+0x149/0x170
Clear per-list ->initialized flag in ath11k_hal_srng_deinit().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38602
Published : Aug. 19, 2025, 5:15 p.m. | 54 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
iwlwifi: Add missing check for alloc_ordered_workqueue
Add check for the return value of alloc_ordered_workqueue since it may
return NULL pointer.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38604 - "RTL8187: Null Pointer Dereference in Wireless Driver"
CVE ID : CVE-2025-38604
Published : Aug. 19, 2025, 5:15 p.m. | 54 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
wifi: rtl818x: Kill URBs before clearing tx status queue
In rtl8187_stop() move the call of usb_kill_anchored_urbs() before clearing
b_tx_status.queue. This change prevents callbacks from using already freed
skb due to anchor was not killed before freeing such skb.
BUG: kernel NULL pointer dereference, address: 0000000000000080
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 0 P4D 0
Oops: Oops: 0000 [#1] SMP NOPTI
CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Not tainted 6.15.0 #8 PREEMPT(voluntary)
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 0.0.0 02/06/2015
RIP: 0010:ieee80211_tx_status_irqsafe+0x21/0xc0 [mac80211]
Call Trace:
rtl8187_tx_cb+0x116/0x150 [rtl8187]
__usb_hcd_giveback_urb+0x9d/0x120
usb_giveback_urb_bh+0xbb/0x140
process_one_work+0x19b/0x3c0
bh_worker+0x1a7/0x210
tasklet_action+0x10/0x30
handle_softirqs+0xf0/0x340
__irq_exit_rcu+0xcd/0xf0
common_interrupt+0x85/0xa0
Tested on RTL8187BvE device.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43738
Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8, 2025.Q1.0 through 2025.Q1.15, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13 and 2024.Q1.1 through 2024.Q1.19 allows a remote authenticated user to inject JavaScript code via _com_liferay_expando_web_portlet_ExpandoPortlet_displayType parameter.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50434 - Appian Enterprise Business Process Management Remote Code Execution
CVE ID : CVE-2025-50434
Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago
Description : Appian Enterprise Business Process Management 25.3 is vulnerable to Incorrect Access Control.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50938
Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago
Description : Cross site scripting (XSS) vulnerability in Hustoj 2025-01-31 via the TID parameter to thread.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51539
Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago
Description : EzGED3 3.5.0 contains an unauthenticated arbitrary file read vulnerability due to improper access control and insufficient input validation in a script exposed via the web interface. A remote attacker can supply a crafted path parameter to a PHP script to read arbitrary files from the filesystem. The script lacks both authentication checks and secure path handling, allowing directory traversal attacks (e.g., ../../../) to access sensitive files such as configuration files, database dumps, source code, and password reset tokens. If phpMyAdmin is exposed, extracted credentials can be used for direct administrative access. In environments without such tools, attacker-controlled file reads still allow full database extraction by targeting raw MySQL data files. The vendor states that the issue is fixed in 3.5.72.27183.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51540
Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago
Description : EzGED3 3.5.0 stores user passwords using an insecure hashing scheme: md5(md5(password)). This hashing method is cryptographically weak and allows attackers to perform efficient offline brute-force attacks if password hashes are disclosed. The lack of salting and use of a fast, outdated algorithm makes it feasible to recover plaintext credentials using precomputed tables or GPU-based cracking tools. The vendor states that the issue is fixed in 3.5.72.27183.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8782 - Apache Apache HTTP Server Remote Code Execution
CVE ID : CVE-2025-8782
Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9145
Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago
Description : A security vulnerability has been detected in Scada-LTS 2.7.8.1. This issue affects some unknown processing of the file view_edit.shtm of the component SVG File Handler. Such manipulation of the argument backgroundImageMP leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9146
Published : Aug. 19, 2025, 4:15 p.m. | 34 minutes ago
Description : A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function verify_gemtek_header of the file checkFw.sh of the component Firmware Handler. Executing manipulation can lead to risky cryptographic algorithm. The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is described as difficult. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50579
Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthorized domains to access sensitive data, particularly JWT tokens, due to improper validation of the Origin header. This misconfiguration enables attackers to intercept tokens using a simple browser script and exfiltrate them to a remote attacker-controlled server, potentially leading to unauthorized actions within the application.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50897
Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : A vulnerability exists in riscv-boom SonicBOOM 1.2 (BOOMv1.2) processor implementation, where valid virtual-to-physical address translations configured with write permissions (PTE_W) in SV39 mode may incorrectly trigger a Store/AMO access fault during store instructions (sd). This occurs despite the presence of proper page table entries and valid memory access modes. The fault is reproducible when transitioning into virtual memory and attempting store operations in mapped kernel memory, indicating a potential flaw in the MMU, PMP, or memory access enforcement logic. This may cause unexpected kernel panics or denial of service in systems using BOOMv1.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51487
Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : A stored cross-site scripting (XSS) vulnerability in the Create Article function of MoonShine v3.12.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Link parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51488
Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : A stored cross-site scripting (XSS) vulnerability in the Create Admin function of MoonShine v3.12.3 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51489
Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : An arbitrary file upload vulnerability in MoonShine v3.12.4 allows attackers to execute arbitrary code via uploading a crafted SVG file.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51510
Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : MoonShine v3.12.5 was discovered to contain a SQL injection vulnerability via the Data parameter under the Blog module.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51529 - Jonkastonka Cookies and Content Security Policy AJAX Denial of Service
CVE ID : CVE-2025-51529
Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : Incorrect Access Control in the AJAX endpoint functionality in jonkastonka Cookies and Content Security Policy plugin through version 2.29 allows remote attackers to cause a denial of service (database server resource exhaustion) via unlimited database write operations to the wp_ajax_nopriv_cacsp_insert_consent_data endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9143
Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : A security flaw has been discovered in Scada-LTS 2.7.8.1. This affects an unknown part of the file mailing_lists.shtm. The manipulation of the argument name/userList/address results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public and may be exploited.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9144
Published : Aug. 19, 2025, 3:15 p.m. | 1 hour, 34 minutes ago
Description : A weakness has been identified in Scada-LTS 2.7.8.1. This vulnerability affects unknown code of the file publisher_edit.shtm. This manipulation of the argument Name causes cross site scripting. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43739
Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago
Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.6, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allow any authenticated user to modify the content of emails sent through the calendar portlet, allowing an attacker to send phishing emails to any other user in the same organization.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4044
Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago
Description : Improper Restriction of XML External Entity Reference in various Lexmark printer drivers for Windows allows attacker to disclose sensitive information to an arbitrary URL.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4046
Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago
Description : A missing authorization vulnerability in Lexmark Cloud Services badge management allows attacker to reassign badges within their organization
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-4690 - AngularJS Linky Filter Regular Expression Denial of Service (ReDoS)
CVE ID : CVE-2025-4690
Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago
Description : A regular expression used by AngularJS' linky https://docs.angularjs.org/api/ngSanitize/filter/linky filter to detect URLs in input text is vulnerable to super-linear runtime due to backtracking. With a large carefully-crafted input, this can cause a
Regular expression Denial of Service (ReDoS) https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS attack on the application.
This issue affects all versions of AngularJS.
Note:
The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50461
Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago
Description : A deserialization vulnerability exists in Volcengine's verl 3.0.0, specifically in the scripts/model_merger.py script when using the "fsdp" backend. The script calls torch.load() with weights_only=False on user-supplied .pt files, allowing attackers to execute arbitrary code if a maliciously crafted model file is loaded. An attacker can exploit this by convincing a victim to download and place a malicious model file in a local directory with a specific filename pattern. This vulnerability may lead to arbitrary code execution with the privileges of the user running the script.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50567
Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago
Description : Saurus CMS Community Edition 4.7.1 contains a vulnerability in the custom DB::prepare() function, which uses preg_replace() with the deprecated /e (eval) modifier to interpolate SQL query parameters. This leads to injection of user-controlled SQL statements, potentially leading to arbitrary PHP code execution.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54336
Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago
Description : In Plesk Obsidian 18.0.70, _isAdminPasswordValid uses an == comparison. Thus, if the correct password is "0e" followed by any digit string, then an attacker can login with any other string that evaluates to 0.0 (such as the 0e0 string). This occurs in admin/plib/LoginManager.php.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9140
Published : Aug. 19, 2025, 2:15 p.m. | 2 hours, 34 minutes ago
Description : A vulnerability was identified in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. Affected by this issue is some unknown functionality of the file /crm/crmapi/erp/tabdetail_moduleSave.php. The manipulation of the argument getvaluestring leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. Upgrading to version 8.6.5.4 can resolve this issue. The affected component should be upgraded. The vendor explains: "All SQL injection vectors were patched via parameterized queries and input sanitization in v8.6.5+."
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-45062 - OpenPrinting ippusbxd Stack Based Buffer Overflow Vulnerability
CVE ID : CVE-2024-45062
Published : Aug. 19, 2025, 2:15 p.m. | 1 hour, 52 minutes ago
Description : A stack based buffer overflow vulnerability is present in OpenPrinting ippusbxd 1.34. A specially configured printer that supports IPP-over-USB can cause a buffer overflow which can lead to a arbitrary code execution in a privileged service. To trigger the vulnerability, a malicious device would need to be connected to the vulnerable system over USB.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43740
Published : Aug. 19, 2025, 1:15 p.m. | 2 hours, 52 minutes ago
Description : A Stored cross-site scripting vulnerability in the Liferay Portal 7.4.3.120 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.8, 2025.Q1.0 through 2025.Q1.15, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13 and 2024.Q1.9 through 2024.Q1.19 allows an remote authenticated attacker to inject JavaScript through the message boards feature available via the web interface.
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9137
Published : Aug. 19, 2025, 1:15 p.m. | 2 hours, 52 minutes ago
Description : A vulnerability has been found in Scada-LTS 2.7.8.1. This impacts an unknown function of the file scheduled_events.shtm. Such manipulation of the argument alias leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor explains: "[T]he risks of indicated vulnerabilities seem to be minimal as all scenarios likely require admin permissions. Moreover, regardless our team fixes those vulnerabilities - the overall risk change to the user due to malicious admin actions will not be lower. An admin user - by definition - has full control over HTML and JS code that is delivered to users in regular synoptic panels. In other words - due to the design of the system it is not possible to limit the admin user to attack the users."
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9138
Published : Aug. 19, 2025, 1:15 p.m. | 2 hours, 52 minutes ago
Description : A vulnerability was found in Scada-LTS 2.7.8.1. Affected is an unknown function of the file pointHierarchy/new/. Performing manipulation of the argument Title results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor explains: "[T]he risks of indicated vulnerabilities seem to be minimal as all scenarios likely require admin permissions. Moreover, regardless our team fixes those vulnerabilities - the overall risk change to the user due to malicious admin actions will not be lower. An admin user - by definition - has full control over HTML and JS code that is delivered to users in regular synoptic panels. In other words - due to the design of the system it is not possible to limit the admin user to attack the users."
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9139 - Scada-LTS Remote Information Disclosure Vulnerability
CVE ID : CVE-2025-9139
Published : Aug. 19, 2025, 1:15 p.m. | 2 hours, 52 minutes ago
Description : A vulnerability was determined in Scada-LTS 2.7.8.1. Affected by this vulnerability is an unknown functionality of the file /Scada-LTS/dwr/call/plaincall/WatchListDwr.init.dwr. Executing manipulation can lead to information disclosure. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor explains: "[T]he risks of indicated vulnerabilities seem to be minimal as all scenarios likely require admin permissions. Moreover, regardless our team fixes those vulnerabilities - the overall risk change to the user due to malicious admin actions will not be lower."
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9136
Published : Aug. 19, 2025, 12:15 p.m. | 3 hours, 52 minutes ago
Description : A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It is recommended to upgrade the affected component.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9134
Published : Aug. 19, 2025, 11:15 a.m. | 4 hours, 52 minutes ago
Description : A security vulnerability has been detected in AfterShip Package Tracker App up to 5.24.1 on Android. The affected element is an unknown function of the file AndroidManifest.xml of the component com.aftership.AfterShip. The manipulation leads to improper export of android application components. The attack must be carried out locally. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure and replied: "After reviewing your report, we have confirmed that this vulnerability does indeed exist and we are actively working to fix it."
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9135 - Verkehrsauskunft Österreich SmartRide Android Application Component Export
CVE ID : CVE-2025-9135
Published : Aug. 19, 2025, 11:15 a.m. | 4 hours, 52 minutes ago
Description : A vulnerability was detected in Verkehrsauskunft Österreich SmartRide, cleVVVer and BusBahnBim up to 12.1.1(258). The impacted element is an unknown function of the file AndroidManifest.xml. The manipulation results in improper export of android application components. The attack must be initiated from a local position. The exploit is now public and may be used. Upgrading to version 12.1.2(259) is sufficient to resolve this issue. Upgrading the affected component is recommended.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8783
Published : Aug. 19, 2025, 11:15 a.m. | 3 hours, 52 minutes ago
Description : The Contact Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title’ parameter in all versions up to, and including, 8.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-41685
Published : Aug. 19, 2025, 9:15 a.m. | 5 hours, 52 minutes ago
Description : A low-privileged remote attacker can obtain the username of another registered Sunny Portal user by entering that user's email address.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-41689
Published : Aug. 19, 2025, 9:15 a.m. | 5 hours, 52 minutes ago
Description : An unauthenticated remote attacker can grant access without password protection to the affected device. This enables the unprotected read-only access to the stored measurement data.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8567
Published : Aug. 19, 2025, 9:15 a.m. | 5 hours, 52 minutes ago
Description : The Nexter Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 4.5.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7654 - FunnelKit Sensitive Information Exposure Vulnerability
CVE ID : CVE-2025-7654
Published : Aug. 19, 2025, 8:15 a.m. | 6 hours, 52 minutes ago
Description : Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wf_get_cookie shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including authentication cookies of other site users, which may make privilege escalation possible.
Please note both FunnelKit – Funnel Builder for WooCommerce Checkout AND FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce are affected by this.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7670 - WordPress JS Archive List SQL Injection Vulnerability
CVE ID : CVE-2025-7670
Published : Aug. 19, 2025, 8:15 a.m. | 6 hours, 52 minutes ago
Description : The JS Archive List plugin for WordPress is vulnerable to time-based SQL Injection via the build_sql_where() function in all versions up to, and including, 6.1.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8622
Published : Aug. 19, 2025, 8:15 a.m. | 6 hours, 52 minutes ago
Description : The Flexible Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Flexible Maps shortcode in all versions up to, and including, 1.18.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8723
Published : Aug. 19, 2025, 8:15 a.m. | 6 hours, 52 minutes ago
Description : The Cloudflare Image Resizing plugin for WordPress is vulnerable to Remote Code Execution due to missing authentication and insufficient sanitization within its hook_rest_pre_dispatch() method in all versions up to, and including, 1.5.6. This makes it possible for unauthenticated attackers to inject arbitrary PHP into the codebase, achieving remote code execution.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8218 - WordPress Properties Directory Theme Role Escalation Vulnerability
CVE ID : CVE-2025-8218
Published : Aug. 19, 2025, 7:15 a.m. | 7 hours, 52 minutes ago
Description : The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to privilege escalation via the 'change_role_member' parameter in all versions up to, and including, 3.5. This is due to a lack of restriction in the profile update role. This makes it possible for unauthenticated attackers to arbitrarily choose their role, including the Administrator role, during a profile update.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6758
Published : Aug. 19, 2025, 7:15 a.m. | 6 hours, 51 minutes ago
Description : The Real Spaces - WordPress Properties Directory Theme theme for WordPress is vulnerable to privilege escalation via the 'imic_agent_register' function in all versions up to, and including, 3.6. This is due to a lack of restriction in the registration role. This makes it possible for unauthenticated attackers to arbitrarily choose their role, including the Administrator role, during user registration.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38553 - Linux Kernel Netem Qdisc Tree Duplication Vulnerability
CVE ID : CVE-2025-38553
Published : Aug. 19, 2025, 6:15 a.m. | 7 hours, 51 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
net/sched: Restrict conditions for adding duplicating netems to qdisc tree
netem_enqueue's duplication prevention logic breaks when a netem
resides in a qdisc tree with other netems - this can lead to a
soft lockup and OOM loop in netem_dequeue, as seen in [1].
Ensure that a duplicating netem cannot exist in a tree with other
netems.
Previous approaches suggested in discussions in chronological order:
1) Track duplication status or ttl in the sk_buff struct. Considered
too specific a use case to extend such a struct, though this would
be a resilient fix and address other previous and potential future
DOS bugs like the one described in loopy fun [2].
2) Restrict netem_enqueue recursion depth like in act_mirred with a
per cpu variable. However, netem_dequeue can call enqueue on its
child, and the depth restriction could be bypassed if the child is a
netem.
3) Use the same approach as in 2, but add metadata in netem_skb_cb
to handle the netem_dequeue case and track a packet's involvement
in duplication. This is an overly complex approach, and Jamal
notes that the skb cb can be overwritten to circumvent this
safeguard.
4) Prevent the addition of a netem to a qdisc tree if its ancestral
path contains a netem. However, filters and actions can cause a
packet to change paths when re-enqueued to the root from netem
duplication, leading us to the current solution: prevent a
duplicating netem from inhabiting the same tree as other netems.
[1] https://lore.kernel.org/netdev/8DuRWwfqjoRDLDmBMlIfbrsZg9Gx50DHJc1ilxsEBNe2D6NMoigR_eIRIG0LOjMc3r10nUUZtArXx4oZBIdUfZQrwjcQhdinnMis_0G7VEk=@willsroot.io/
[2] https://lwn.net/Articles/719297/
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5417 - Red Hat Developer Hub Improper Access Control Vulnerability
CVE ID : CVE-2025-5417
Published : Aug. 19, 2025, 5:15 a.m. | 8 hours, 51 minutes ago
Description : An insufficient access control vulnerability was found in the Red Hat
Developer Hub rhdh/rhdh-hub-rhel9 container image. The Red Hat Developer Hub cluster admin/user, who has standard user access to the cluster, and the Red Hat Developer Hub namespace, can access the
rhdh/rhdh-hub-rhel9 container image and modify the image's content. This issue affects the confidentiality and integrity of the data, and any changes made are not permanent, as they reset after the pod restarts.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8357 - WordPress Media Library Assistant Unauthenticated File Deletion Vulnerability
CVE ID : CVE-2025-8357
Published : Aug. 19, 2025, 5:15 a.m. | 8 hours, 51 minutes ago
Description : The Media Library Assistant plugin for WordPress is vulnerable to arbitrary file deletion in the /wp-content/uploads directory due to insufficient file path validation and user capability checking in the _process_mla_download_file function in all versions up to, and including, 3.27. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary files on the server from the /wp-content/uploads/ directory.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7496
Published : Aug. 19, 2025, 4:15 a.m. | 9 hours, 51 minutes ago
Description : The WPC Smart Compare for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via DOM elements in all versions up to, and including, 6.4.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57722
Published : Aug. 19, 2025, 3:15 a.m. | 10 hours, 51 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57723 - Apache HTTP Server Unauthenticated Remote Code Execution
CVE ID : CVE-2025-57723
Published : Aug. 19, 2025, 3:15 a.m. | 10 hours, 51 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57724 - Apache HTTP Server Denial of Service
CVE ID : CVE-2025-57724
Published : Aug. 19, 2025, 3:15 a.m. | 10 hours, 51 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57725 - Apache HTTP Server Information Disclosure
CVE ID : CVE-2025-57725
Published : Aug. 19, 2025, 3:15 a.m. | 10 hours, 51 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57718
Published : Aug. 19, 2025, 3:15 a.m. | 9 hours, 40 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57719 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-57719
Published : Aug. 19, 2025, 3:15 a.m. | 9 hours, 40 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57720 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-57720
Published : Aug. 19, 2025, 3:15 a.m. | 9 hours, 40 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57721 - Apache HTTP Server Authentication Bypass
CVE ID : CVE-2025-57721
Published : Aug. 19, 2025, 3:15 a.m. | 9 hours, 40 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-57717 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-57717
Published : Aug. 19, 2025, 3:15 a.m. | 7 hours, 32 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54156 - Sante PACS Server Unencrypted Credential Exposure
CVE ID : CVE-2025-54156
Published : Aug. 18, 2025, 10:15 p.m. | 12 hours, 32 minutes ago
Description : The Sante PACS Server Web Portal sends credential information without encryption.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54759 - Sante PACS Server Stored Cross-Site Scripting (XSS) Vulnerability
CVE ID : CVE-2025-54759
Published : Aug. 18, 2025, 10:15 p.m. | 12 hours, 32 minutes ago
Description : Sante PACS Server is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes redirecting a user to a malicious webpage and stealing the user's cookie.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54862 - Sante PACS Server Stored Cross-Site Scripting (XSS)
CVE ID : CVE-2025-54862
Published : Aug. 18, 2025, 10:15 p.m. | 12 hours, 32 minutes ago
Description : Sante PACS Server web portal is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes redirecting a user to a malicious webpage and stealing the user's cookie.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46269
Published : Aug. 18, 2025, 10:15 p.m. | 10 hours, 30 minutes ago
Description : In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing VC6 files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52584
Published : Aug. 18, 2025, 10:15 p.m. | 10 hours, 30 minutes ago
Description : In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing XE files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53948 - Sante PACS Server Denial of Service (DoS)
CVE ID : CVE-2025-53948
Published : Aug. 18, 2025, 10:15 p.m. | 10 hours, 30 minutes ago
Description : The Sante PACS Server allows a remote attacker to crash the main thread by sending a crafted HL7 message, causing a denial-of-service condition. The application would require a manual restart and no authentication is required.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41392 - Ashlar-Vellum Cobalt Unvalidated AR File Parsing Vulnerability
CVE ID : CVE-2025-41392
Published : Aug. 18, 2025, 9:15 p.m. | 10 hours, 54 minutes ago
Description : In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing AR files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53705
Published : Aug. 18, 2025, 9:15 p.m. | 10 hours, 54 minutes ago
Description : In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing CO files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9119
Published : Aug. 18, 2025, 9:15 p.m. | 10 hours, 54 minutes ago
Description : A vulnerability was determined in Netis WF2419 1.2.29433. This vulnerability affects unknown code of the file /index.htm of the component Wireless Settings Page. This manipulation of the argument SSID with the input causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8098 - Lenovo PC Manager Privilege Escalation Vulnerability
CVE ID : CVE-2025-8098
Published : Aug. 18, 2025, 8:15 p.m. | 11 hours, 54 minutes ago
Description : An improper permission vulnerability was reported in Lenovo PC Manager that could allow a local attacker to escalate privileges.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55590
Published : Aug. 18, 2025, 8:15 p.m. | 10 hours, 40 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an command injection vulnerability via the component bupload.html.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55591
Published : Aug. 18, 2025, 8:15 p.m. | 10 hours, 40 minutes ago
Description : TOTOLINK-A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability in the devicemac parameter in the formMapDel endpoint.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55587 - TOTOLINK A3002R Buffer Overflow DoS
CVE ID : CVE-2025-55587
Published : Aug. 18, 2025, 8:15 p.m. | 8 hours, 37 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55588 - TOTOLINK A3002R Buffer Overflow Denial of Service
CVE ID : CVE-2025-55588
Published : Aug. 18, 2025, 8:15 p.m. | 8 hours, 37 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the fw_ip parameter at /boafrm/formPortFw. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55589 - TOTOLINK A3002R OS Command Injection Vulnerability
CVE ID : CVE-2025-55589
Published : Aug. 18, 2025, 8:15 p.m. | 8 hours, 37 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain multiple OS command injection vulnerabilities via the macstr, bandstr, and clientoff parameters at /boafrm/formMapDelDevice.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55586 - TOTOLINK A3002R Buffer Overflow DoS
CVE ID : CVE-2025-55586
Published : Aug. 18, 2025, 8:15 p.m. | 7 hours, 54 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the url parameter at /boafrm/formFilter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-32992
Published : Aug. 18, 2025, 8:15 p.m. | 6 hours, 29 minutes ago
Description : Thermo Fisher Scientific ePort through 3.0.0 has Incorrect Access Control.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-4371 - Lenovo Web Camera Firmware Update Vulnerability
CVE ID : CVE-2025-4371
Published : Aug. 18, 2025, 8:15 p.m. | 6 hours, 29 minutes ago
Description : A potential vulnerability was reported in the Lenovo 510 FHD and Performance FHD web cameras that could allow an attacker with physical access to write arbitrary firmware updates to the device over a USB connection.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53192
Published : Aug. 18, 2025, 8:15 p.m. | 6 hours, 29 minutes ago
Description : ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL.
This issue affects Apache Commons OGNL: all versions.
When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression with powerful capabilities, including accessing and invoking related methods,
etc. Although OgnlRuntime attempts to restrict certain dangerous classes and methods (such as java.lang.Runtime) through a blocklist, these restrictions are not comprehensive.
Attackers may be able to bypass the restrictions by leveraging class objects that are not covered by the blocklist and potentially achieve arbitrary code execution.
As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55213
Published : Aug. 18, 2025, 8:15 p.m. | 6 hours, 29 minutes ago
Description : OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.9.3 to v1.9.4 ( openfga-0.2.40 <= Helm chart <= openfga-0.2.41, v1.9.3 <= docker <= v.1.9.4) are vulnerable to improper policy enforcement when certain Check and ListObject calls are executed. This vulnerability is fixed in 1.9.5.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55584 - TOTOLINK A3002R Telnet Service Insecure Credentials Vulnerability
CVE ID : CVE-2025-55584
Published : Aug. 18, 2025, 8:15 p.m. | 6 hours, 29 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain insecure credentials for the telnet service and root account.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55585
Published : Aug. 18, 2025, 8:15 p.m. | 6 hours, 29 minutes ago
Description : TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an eval injection vulnerability via the eval() function.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43731
Published : Aug. 18, 2025, 7:15 p.m. | 7 hours, 29 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.8, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allows an remote authenticated user to inject JavaScript in message board threads and categories.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55300
Published : Aug. 18, 2025, 6:15 p.m. | 8 hours, 29 minutes ago
Description : Komari is a lightweight, self-hosted server monitoring tool designed to provide a simple and efficient solution for monitoring server performance. Prior to 1.0.4-fix1, WebSocket upgrader has disabled origin checking, enabling Cross-Site WebSocket Hijacking (CSWSH) attacks against authenticated users. Any third party website can send requests to the terminal websocket endpoint with browser's cookies, resulting in remote code execution. This vulnerability is fixed in 1.0.4-fix1.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7693 - "Vulnerability in CIP Controller Malformed Packet Handling"
CVE ID : CVE-2025-7693
Published : Aug. 18, 2025, 6:15 p.m. | 8 hours, 29 minutes ago
Description : A security issue exists due to improper handling of malformed CIP Forward Close packets during fuzzing. The controller enters a solid red Fault LED state and becomes unresponsive. Upon power cycle, the controller will enter recoverable fault where the MS LED and Fault LED become flashing red and reports fault code 0xF015. To recover, clear the fault.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55293
Published : Aug. 18, 2025, 6:15 p.m. | 3 hours, 53 minutes ago
Description : Meshtastic is an open source mesh networking solution. Prior to v2.6.3, an attacker can send NodeInfo with a empty publicKey first, then overwrite it with a new key. First sending a empty key bypasses 'if (p.public_key.size > 0) {', clearing the existing publicKey (and resetting the size to 0) for a known node. Then a new key bypasses 'if (info->user.public_key.size > 0) {', and this malicious key is stored in NodeDB. This vulnerability is fixed in 2.6.3.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55296
Published : Aug. 18, 2025, 6:15 p.m. | 3 hours, 53 minutes ago
Description : librenms is a community-based GPL-licensed network monitoring system. A stored Cross-Site Scripting (XSS) vulnerability exists in LibreNMS (<= 25.6.0) in the Alert Template creation feature. This allows a user with the admin role to inject malicious JavaScript, which will be executed when the template is rendered, potentially compromising other admin accounts. This vulnerability is fixed in 25.8.0.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55299
Published : Aug. 18, 2025, 6:15 p.m. | 3 hours, 53 minutes ago
Description : VaulTLS is a modern solution for managing mTLS (mutual TLS) certificates. Prior to 0.9.1, user accounts created through the User web UI have an empty but not NULL password set, attackers can use this to login with an empty password. This is combined with that fact, that previously disabling the password based login only effected the frontend, but still allowed login via the API. This vulnerability is fixed in 0.9.1.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55287 - Genealogy Family Tree Authenticated Stored Cross-Site Scripting
CVE ID : CVE-2025-55287
Published : Aug. 18, 2025, 5:15 p.m. | 4 hours, 53 minutes ago
Description : Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Stored Cross-Site Scripting (XSS) vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and UI manipulation. This vulnerability is fixed in 4.4.0.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55288
Published : Aug. 18, 2025, 5:15 p.m. | 4 hours, 53 minutes ago
Description : Genealogy is a family tree PHP application. Prior to 4.4.0, Authenticated Reflected Cross-Site Scripting (XSS) vulnerability was identified in the Genealogy application. Authenticated attackers could run arbitrary JavaScript in another user’s session, leading to session hijacking, data theft, and UI manipulation. This vulnerability is fixed in 4.4.0.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55291
Published : Aug. 18, 2025, 5:15 p.m. | 4 hours, 53 minutes ago
Description : Shaarli is a minimalist bookmark manager and link sharing service. Prior to 0.15.0, the input string in the cloud tag page is not properly sanitized. This allows the tag to be prematurely closed, leading to a reflected Cross-Site Scripting (XSS) vulnerability. This vulnerability is fixed in 0.15.0.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3639
Published : Aug. 18, 2025, 5:15 p.m. | 2 hours, 53 minutes ago
Description : Liferay Portal 7.3.0 through 7.4.3.132, and Liferay DXP 2025.Q1 through 2025.Q1.6, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 and 7.3 GA through update 36 allows unauthenticated users with valid credentials to bypass the login process by changing the POST method to GET, once the site has MFA enabled.
Severity: 2.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54234 - ColdFusion SSRF File System Read Vulnerability
CVE ID : CVE-2025-54234
Published : Aug. 18, 2025, 5:15 p.m. | 2 hours, 53 minutes ago
Description : ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to limited file system read. A high-privilege authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction.
Severity: 2.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55201
Published : Aug. 18, 2025, 5:15 p.m. | 2 hours, 53 minutes ago
Description : Copier library and CLI app for rendering project templates. Prior to 9.9.1, a safe template can currently read and write arbitrary files because Copier exposes a few pathlib.Path objects in the Jinja context which have unconstrained I/O methods. This effectively renders the security model w.r.t. filesystem access useless. This vulnerability is fixed in 9.9.1.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55205
Published : Aug. 18, 2025, 5:15 p.m. | 2 hours, 53 minutes ago
Description : Capsule is a multi-tenancy and policy-based framework for Kubernetes. A namespace label injection vulnerability in Capsule v0.10.3 and earlier allows authenticated tenant users to inject arbitrary labels into system namespaces (kube-system, default, capsule-system), bypassing multi-tenant isolation and potentially accessing cross-tenant resources through TenantResource selectors. This vulnerability enables privilege escalation and violates the fundamental security boundaries that Capsule is designed to enforce. This vulnerability is fixed in 0.10.4.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55214
Published : Aug. 18, 2025, 5:15 p.m. | 2 hours, 53 minutes ago
Description : Copier library and CLI app for rendering project templates. From 7.1.0 to before 9.9.1, Copier suggests that it's safe to generate a project from a safe template, i.e. one that doesn't use unsafe features like custom Jinja extensions which would require passing the --UNSAFE,--trust flag. As it turns out, a safe template can currently write files outside the destination path where a project shall be generated or updated. This is possible when rendering a generated directory structure whose rendered path is either a relative parent path or an absolute path. Constructing such paths is possible using Copier's builtin pathjoin Jinja filter and its builtin _copier_conf.sep variable, which is the platform-native path separator. This way, a malicious template author can create a template that overwrites arbitrary files (according to the user's write permissions), e.g., to cause havoc. This vulnerability is fixed in 9.9.1.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55282
Published : Aug. 18, 2025, 5:15 p.m. | 2 hours, 53 minutes ago
Description : aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows a user to elevate to superuser inside PostgreSQL databases during a migration from an untrusted source server. By exploiting a lack of search_path restriction, an attacker can override pg_catalog and execute untrusted operators as a superuser. This vulnerability is fixed in 1.0.7.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55283 - Aiven DB Migrate Privilege Escalation Vulnerability
CVE ID : CVE-2025-55283
Published : Aug. 18, 2025, 5:15 p.m. | 2 hours, 53 minutes ago
Description : aiven-db-migrate is an Aiven database migration tool. Prior to 1.0.7, there is a privilege escalation vulnerability that allows elevation to superuser inside PostgreSQL databases during a migration from an untrusted source server. The vulnerability stems from psql executing commands embedded in a dump from the source server. This vulnerability is fixed in 1.0.7.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54117
Published : Aug. 18, 2025, 4:15 p.m. | 3 hours, 53 minutes ago
Description : NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the dashboard text editor component. This vulnerability is fixed in 2.2.4.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54118 - NamelessMC Unauthenticated Sensitive Information Disclosure
CVE ID : CVE-2025-54118
Published : Aug. 18, 2025, 4:15 p.m. | 3 hours, 53 minutes ago
Description : NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. This vulnerability is fixed in 2.2.4.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54421
Published : Aug. 18, 2025, 4:15 p.m. | 3 hours, 53 minutes ago
Description : NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Cross-site scripting (XSS) vulnerability in NamelessMC before 2.2.4 allows remote authenticated attackers to inject arbitrary web script or HTML via the default_keywords crafted parameter. This vulnerability is fixed in 2.2.4.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27909 - IBM Concert Software CORS Privilege Escalation
CVE ID : CVE-2025-27909
Published : Aug. 18, 2025, 2:15 p.m. | 5 hours, 53 minutes ago
Description : IBM Concert Software 1.0.0 through 1.1.0 uses cross-origin resource sharing (CORS) which could allow an attacker to carry out privileged actions as the domain name is not being limited to only trusted domains.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-33090 - IBM Concert Software Regular Expression Denial of Service
CVE ID : CVE-2025-33090
Published : Aug. 18, 2025, 2:15 p.m. | 5 hours, 53 minutes ago
Description : IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to cause a denial of service using a specially crafted regular expression that would cause excessive resource consumption.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-33100 - IBM Concert Software Credentials Hardcoding Vulnerability
CVE ID : CVE-2025-33100
Published : Aug. 18, 2025, 2:15 p.m. | 5 hours, 53 minutes ago
Description : IBM Concert Software 1.0.0 through 1.1.0
contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36120 - IBM Storage Virtualize SSH Privilege Escalation Vulnerability
CVE ID : CVE-2025-36120
Published : Aug. 18, 2025, 2:15 p.m. | 5 hours, 53 minutes ago
Description : IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their privileges in an SSH session due to incorrect authorization checks to access resources.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43732
Published : Aug. 18, 2025, 2:15 p.m. | 5 hours, 53 minutes ago
Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.17 and 7.4 GA through update 92 is vulnerable to Insecure Direct Object Reference (IDOR) in the groupId parameter of the _com_liferay_roles_selector_web_portlet_RolesSelectorPortlet_groupId. When an organization administrator modifies this parameter id value, they can gain unauthorized access to user lists from other organizations.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4962
Published : Aug. 18, 2025, 2:15 p.m. | 5 hours, 53 minutes ago
Description : An Insecure Direct Object Reference (IDOR) vulnerability was identified in the `POST /v1/templates` endpoint of the Lunary API, affecting versions up to 0.8.8. This vulnerability allows authenticated users to create templates in another user's project by altering the `projectId` query parameter. The root cause of this issue is the absence of server-side validation to ensure that the authenticated user owns the specified `projectId`. The vulnerability has been addressed in version 1.9.23.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-49827 - IBM Concert Software Information Disclosure
CVE ID : CVE-2024-49827
Published : Aug. 18, 2025, 2:15 p.m. | 3 hours, 51 minutes ago
Description : IBM Concert Software 1.0.0 through 1.1.0 is vulnerable to excessive data exposure, allowing attackers to access sensitive information without proper filtering.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-1759 - IBM Concert Software Heap Information Disclosure Vulnerability
CVE ID : CVE-2025-1759
Published : Aug. 18, 2025, 2:15 p.m. | 3 hours, 51 minutes ago
Description : IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to obtain sensitive information from allocated memory due to improper clearing of heap memory.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43733
Published : Aug. 18, 2025, 1:15 p.m. | 4 hours, 51 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.7 allows a remote authenticated attacker to inject JavaScript code via the content page's name field. This malicious payload is then reflected and executed within the user's browser when viewing the "document View Usages" page.
Severity: 2.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41242 - Apache Tomcat and Eclipse Jetty Spring Framework MVC Path Traversal Vulnerability
CVE ID : CVE-2025-41242
Published : Aug. 18, 2025, 9:15 a.m. | 8 hours, 51 minutes ago
Description : Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container.
An application can be vulnerable when all the following are true:
* the application is deployed as a WAR or with an embedded Servlet container
* the Servlet container does not reject suspicious sequences https://jakarta.ee/specifications/servlet/6.1/jakarta-servlet-spec-6.1.html#uri-path-canonicalization
* the application serves static resources https://docs.spring.io/spring-framework/reference/web/webmvc/mvc-config/static-resources.html#page-title with Spring resource handling
We have verified that applications deployed on Apache Tomcat or Eclipse Jetty are not vulnerable, as long as default security features are not disabled in the configuration. Because we cannot check exploits against all Servlet containers and configuration variants, we strongly recommend upgrading your application.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47206 - File Station Out-of-Bounds Write Vulnerability
CVE ID : CVE-2025-47206
Published : Aug. 18, 2025, 9:15 a.m. | 8 hours, 51 minutes ago
Description : An out-of-bounds write vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory.
We have already fixed the vulnerability in the following version:
File Station 5 5.5.6.4933 and later
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5296 - Apache Link Following Privilege Escalation
CVE ID : CVE-2025-5296
Published : Aug. 18, 2025, 8:15 a.m. | 9 hours, 51 minutes ago
Description : CWE-59: Improper Link Resolution Before File Access ('Link Following') vulnerability exists that could cause
arbitrary data to be written to protected locations, potentially leading to escalation of privilege, arbitrary file
corruption, exposure of application and system information or persistent denial of service when a low-privileged
attacker tampers with the installation folder.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57700
Published : Aug. 18, 2025, 7:15 a.m. | 9 hours, 57 minutes ago
Description : DIAEnergie - Stored Cross-site Scripting
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57701
Published : Aug. 18, 2025, 7:15 a.m. | 9 hours, 57 minutes ago
Description : DIAEnergie - Reflected Cross-site Scripting
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57702
Published : Aug. 18, 2025, 7:15 a.m. | 9 hours, 57 minutes ago
Description : DIAEnergie - Reflected Cross-site Scripting
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-57703
Published : Aug. 18, 2025, 7:15 a.m. | 9 hours, 57 minutes ago
Description : DIAEnergie - Reflected Cross-site Scripting
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6625
Published : Aug. 18, 2025, 7:15 a.m. | 9 hours, 57 minutes ago
Description : CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific
crafted FTP command is sent to the device.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9108
Published : Aug. 18, 2025, 6:15 a.m. | 10 hours, 57 minutes ago
Description : Affected is an unknown function of the component Login Page. The manipulation leads to improper restriction of rendered ui layers. It is possible to launch the attack remotely.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9109
Published : Aug. 18, 2025, 6:15 a.m. | 10 hours, 57 minutes ago
Description : A security flaw has been discovered in Portabilis i-Diario up to 1.5.0. Affected by this vulnerability is an unknown functionality of the file /password/email of the component Password Recovery Endpoint. The manipulation results in observable response discrepancy. It is possible to launch the attack remotely. This attack is characterized by high complexity. The exploitation appears to be difficult. The exploit has been released to the public and may be exploited.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9106
Published : Aug. 18, 2025, 5:15 a.m. | 11 hours, 57 minutes ago
Description : A vulnerability was found in Portabilis i-Diario up to 1.5.0. This affects an unknown function of the file /planos-de-ensino-por-disciplina/ of the component Informações Adicionais Page. Performing manipulation of the argument Parecer/Conteúdos/Objetivos results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9107
Published : Aug. 18, 2025, 5:15 a.m. | 11 hours, 57 minutes ago
Description : A vulnerability was determined in Portabilis i-Diario up to 1.5.0. This impacts an unknown function of the file /alunos/search_autocomplete. Executing manipulation of the argument q can lead to cross site scripting. The attack may be performed from a remote location. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9105 - Portabilis i-Diario Cross Site Scripting Vulnerability
CVE ID : CVE-2025-9105
Published : Aug. 18, 2025, 4:15 a.m. | 12 hours, 57 minutes ago
Description : A vulnerability has been found in Portabilis i-Diario up to 1.5.0. The impacted element is an unknown function of the file /planos-de-ensino-por-areas-de-conhecimento/ of the component Informações Adicionais Page. Such manipulation of the argument Parecer/Conteúdos/Objetivos leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9103
Published : Aug. 18, 2025, 4:15 a.m. | 11 hours, 52 minutes ago
Description : A vulnerability was detected in ZenCart 2.1.0. Affected by this vulnerability is an unknown functionality of the component CKEditor. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor declares this as "intended behavior, allowed for authorized administrators".
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9104
Published : Aug. 18, 2025, 4:15 a.m. | 11 hours, 52 minutes ago
Description : A flaw has been found in Portabilis i-Diario up to 1.5.0. The affected element is an unknown function of the file /planos-de-aulas-por-disciplina/ of the component Informações Adicionais Page. This manipulation of the argument Parecer/Objeto de Conhecimento/Habilidades causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9102 - "11 Mail Media mail.com App Android Improper Component Export Vulnerability"
CVE ID : CVE-2025-9102
Published : Aug. 18, 2025, 3:15 a.m. | 12 hours, 52 minutes ago
Description : A security vulnerability has been detected in 1&1 Mail & Media mail.com App 8.8.0 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.mail.mobile.android.mail. The manipulation leads to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9101
Published : Aug. 18, 2025, 3:15 a.m. | 10 hours, 52 minutes ago
Description : A weakness has been identified in zhenfeng13 My-Blog up to 1.0.0. This issue affects some unknown processing of the file /admin/tags/save of the component Tag Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9100
Published : Aug. 18, 2025, 2:15 a.m. | 11 hours, 52 minutes ago
Description : A security flaw has been discovered in zhenfeng13 My-Blog 1.0.0. This vulnerability affects unknown code of the file /blog/comment of the component Frontend Blog Article Comment Handler. The manipulation leads to authentication bypass by capture-replay. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31713
Published : Aug. 18, 2025, 1:15 a.m. | 12 hours, 51 minutes ago
Description : In engineer mode service, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31714 - Apache HTTP Server Local Privilege Escalation Vulnerability
CVE ID : CVE-2025-31714
Published : Aug. 18, 2025, 1:15 a.m. | 12 hours, 51 minutes ago
Description : In Developer Tools, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31715
Published : Aug. 18, 2025, 1:15 a.m. | 12 hours, 51 minutes ago
Description : In vowifi service, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9098
Published : Aug. 18, 2025, 1:15 a.m. | 12 hours, 51 minutes ago
Description : A vulnerability was determined in Elseplus File Recovery App 4.4.21 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml. The manipulation leads to improper export of android application components. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9099
Published : Aug. 18, 2025, 1:15 a.m. | 12 hours, 51 minutes ago
Description : A vulnerability was identified in Acrel Environmental Monitoring Cloud Platform up to 20250804. This affects an unknown part of the file /NewsManage/UploadNewsImg. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9097 - Euro Information CIC Banque et Compte en Ligne Android Improper Export of Application Components Vulnerability
CVE ID : CVE-2025-9097
Published : Aug. 18, 2025, 12:15 a.m. | 13 hours, 52 minutes ago
Description : A vulnerability was found in Euro Information CIC banque et compte en ligne App 12.56.0 on Android. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.cic_prod.bad. The manipulation leads to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9096
Published : Aug. 18, 2025, 12:15 a.m. | 11 hours, 51 minutes ago
Description : A vulnerability has been found in ExpressGateway express-gateway up to 1.16.10. Affected is an unknown function in the library lib/rest/routes/apps.js of the component REST Endpoint. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7342
Published : Aug. 17, 2025, 11:15 p.m. | 8 hours, 39 minutes ago
Description : A security issue was discovered in the Kubernetes Image Builder where default credentials are enabled during the image build process. Additionally, virtual machine images built using the Nutanix or the OVA provider do not disable these default credentials, and nodes using the resulting images may be accessible via these default credentials. The credentials can be used to gain root access. Kubernetes clusters are only affected if their Windows nodes use VM images created via the Image Builder project with its Nutanix or OVA provider.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9094
Published : Aug. 17, 2025, 11:15 p.m. | 8 hours, 39 minutes ago
Description : A vulnerability was detected in ThingsBoard 4.1. This vulnerability affects unknown code of the component Add Gateway Handler. The manipulation leads to improper neutralization of special elements used in a template engine. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor replies, that "[t]he fix will come within upcoming release (v4.2) and will be inherited by maintenance releases of LTS versions (starting 4.0)."
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9095
Published : Aug. 17, 2025, 11:15 p.m. | 8 hours, 39 minutes ago
Description : A flaw has been found in ExpressGateway express-gateway up to 1.16.10. This issue affects some unknown processing in the library lib/rest/routes/users.js of the component REST Endpoint. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9093
Published : Aug. 17, 2025, 10:15 p.m. | 8 hours, 15 minutes ago
Description : A security vulnerability has been detected in BuzzFeed App 2024.9 on Android. This affects an unknown part of the file AndroidManifest.xml of the component com.buzzfeed.android. The manipulation leads to improper export of android application components. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9090 - Tenda Telnet Service Command Injection
CVE ID : CVE-2025-9090
Published : Aug. 17, 2025, 3:15 a.m. | 1 day, 3 hours ago
Description : A vulnerability was identified in Tenda AC20 16.03.08.12. Affected is the function websFormDefine of the file /goform/telnet of the component Telnet Service. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9091
Published : Aug. 17, 2025, 3:15 a.m. | 1 day, 3 hours ago
Description : A security flaw has been discovered in Tenda AC20 16.03.08.12. Affected by this vulnerability is an unknown functionality of the file /etc_ro/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9089
Published : Aug. 17, 2025, 12:15 a.m. | 1 day, 6 hours ago
Description : A vulnerability was determined in Tenda AC20 16.03.08.12. This issue affects the function sub_48E628 of the file /goform/SetIpMacBind. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9088
Published : Aug. 16, 2025, 11:15 p.m. | 1 day, 7 hours ago
Description : A vulnerability was found in Tenda AC20 16.03.08.12. This vulnerability affects the function save_virtualser_data of the file /goform/formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9087
Published : Aug. 16, 2025, 11:15 p.m. | 1 day, 6 hours ago
Description : A vulnerability has been found in Tenda AC20 16.03.08.12. This affects the function set_qosMib_list of the file /goform/SetNetControlList of the component SetNetControlList Endpoint. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-4515
Published : Aug. 16, 2025, 2:15 p.m. | 1 day, 15 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
ksmbd: validate command request size
In commit 2b9b8f3b68ed ("ksmbd: validate command payload size"), except
for SMB2_OPLOCK_BREAK_HE command, the request size of other commands
is not checked, it's not expected. Fix it by add check for request
size of other commands.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-32249 - Samba Linux kernel Guest User Access Multichannel Vulnerability
CVE ID : CVE-2023-32249
Published : Aug. 16, 2025, 2:15 p.m. | 1 day, 13 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
ksmbd: not allow guest user on multichannel
This patch return STATUS_NOT_SUPPORTED if binding session is guest.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-3865
Published : Aug. 16, 2025, 2:15 p.m. | 1 day, 13 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix out-of-bound read in smb2_write
ksmbd_smb2_check_message doesn't validate hdr->NextCommand. If
->NextCommand is bigger than Offset + Length of smb2 write, It will
allow oversized smb2 write length. It will cause OOB read in smb2_write.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-3866
Published : Aug. 16, 2025, 2:15 p.m. | 1 day, 13 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
ksmbd: validate session id and tree id in the compound request
This patch validate session id and tree id in compound request.
If first operation in the compound is SMB2 ECHO request, ksmbd bypass
session and tree validation. So work->sess and work->tcon could be NULL.
If secound request in the compound access work->sess or tcon, It cause
NULL pointer dereferecing error.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-3867
Published : Aug. 16, 2025, 2:15 p.m. | 1 day, 13 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix out of bounds read in smb2_sess_setup
ksmbd does not consider the case of that smb2 session setup is
in compound request. If this is the second payload of the compound,
OOB read issue occurs while processing the first payload in
the smb2_sess_setup().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-4130
Published : Aug. 16, 2025, 2:15 p.m. | 1 day, 13 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()
There are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request
from client. ksmbd find next smb2_ea_info using ->NextEntryOffset of
current smb2_ea_info. ksmbd need to validate buffer length Before
accessing the next ea. ksmbd should check buffer length using buf_len,
not next variable. next is the start offset of current ea that got from
previous ea.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-32246
Published : Aug. 16, 2025, 2:15 p.m. | 1 day, 12 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
ksmbd: call rcu_barrier() in ksmbd_server_exit()
racy issue is triggered the bug by racing between closing a connection
and rmmod. In ksmbd, rcu_barrier() is not called at module unload time,
so nothing prevents ksmbd from getting unloaded while it still has RCU
callbacks pending. It leads to trigger unintended execution of kernel
code locally and use to defeat protections such as Kernel Lockdown
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8878
Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 14 hours ago
Description : The The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.16.4. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8143
Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 13 hours ago
Description : The Soledad theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pcsml_smartlists_h’ parameter in all versions up to, and including, 8.6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38548
Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 11 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
hwmon: (corsair-cpro) Validate the size of the received input buffer
Add buffer_recv_size to store the size of the received bytes.
Validate buffer_recv_size in send_usb_cmd().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38549
Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 11 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths
When processing mount options, efivarfs allocates efivarfs_fs_info (sfi)
early in fs_context initialization. However, sfi is associated with the
superblock and typically freed when the superblock is destroyed. If the
fs_context is released (final put) before fill_super is called—such as
on error paths or during reconfiguration—the sfi structure would leak,
as ownership never transfers to the superblock.
Implement the .free callback in efivarfs_context_ops to ensure any
allocated sfi is properly freed if the fs_context is torn down before
fill_super, preventing this memory leak.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38550 - Linux Kernel IPv6 Multicast Delayed Put Reference Vulnerability
CVE ID : CVE-2025-38550
Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 11 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
ipv6: mcast: Delay put pmc->idev in mld_del_delrec()
pmc->idev is still used in ip6_mc_clear_src(), so as mld_clear_delrec()
does, the reference should be put after ip6_mc_clear_src() return.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38551
Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 11 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
virtio-net: fix recursived rtnl_lock() during probe()
The deadlock appears in a stack trace like:
virtnet_probe()
rtnl_lock()
virtio_config_changed_work()
netdev_notify_peers()
rtnl_lock()
It happens if the VMM sends a VIRTIO_NET_S_ANNOUNCE request while the
virtio-net driver is still probing.
The config_work in probe() will get scheduled until virtnet_open() enables
the config change notification via virtio_config_driver_enable().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38552 - Linux Kernel MPTCP Subflow Creation Race Condition Vulnerability
CVE ID : CVE-2025-38552
Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 11 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
mptcp: plug races between subflow fail and subflow creation
We have races similar to the one addressed by the previous patch between
subflow failing and additional subflow creation. They are just harder to
trigger.
The solution is similar. Use a separate flag to track the condition
'socket state prevent any additional subflow creation' protected by the
fallback lock.
The socket fallback makes such flag true, and also receiving or sending
an MP_FAIL option.
The field 'allow_infinite_fallback' is now always touched under the
relevant lock, we can drop the ONCE annotation on write.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8105 - Soledad Theme for WordPress Shortcode Execution Vulnerability
CVE ID : CVE-2025-8105
Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 11 hours ago
Description : The The Soledad theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.6.7. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8142 - Soledad Theme for WordPress Local File Inclusion Vulnerability
CVE ID : CVE-2025-8142
Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 11 hours ago
Description : The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.6.7 via the 'header_layout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where .php file types can be uploaded and included.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38544 - Linux Kernel rxrpc Call ID Preallocation Collision Vulnerability
CVE ID : CVE-2025-38544
Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 9 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix bug due to prealloc collision
When userspace is using AF_RXRPC to provide a server, it has to preallocate
incoming calls and assign to them call IDs that will be used to thread
related recvmsg() and sendmsg() together. The preallocated call IDs will
automatically be attached to calls as they come in until the pool is empty.
To the kernel, the call IDs are just arbitrary numbers, but userspace can
use the call ID to hold a pointer to prepared structs. In any case, the
user isn't permitted to create two calls with the same call ID (call IDs
become available again when the call ends) and EBADSLT should result from
sendmsg() if an attempt is made to preallocate a call with an in-use call
ID.
However, the cleanup in the error handling will trigger both assertions in
rxrpc_cleanup_call() because the call isn't marked complete and isn't
marked as having been released.
Fix this by setting the call state in rxrpc_service_prealloc_one() and then
marking it as being released before calling the cleanup function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38545 - Cisco Linux Kernel Netdev Allocation Vulnerability
CVE ID : CVE-2025-38545
Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 9 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skb_shared_info
While transitioning from netdev_alloc_ip_align() to build_skb(), memory
for the "skb_shared_info" member of an "skb" was not allocated. Fix this
by allocating "PAGE_SIZE" as the skb length, accounting for the packet
length, headroom and tailroom, thereby including the required memory space
for skb_shared_info.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38546
Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 9 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
atm: clip: Fix memory leak of struct clip_vcc.
ioctl(ATMARP_MKIP) allocates struct clip_vcc and set it to
vcc->user_back.
The code assumes that vcc_destroy_socket() passes NULL skb
to vcc->push() when the socket is close()d, and then clip_push()
frees clip_vcc.
However, ioctl(ATMARPD_CTRL) sets NULL to vcc->push() in
atm_init_atmarp(), resulting in memory leak.
Let's serialise two ioctl() by lock_sock() and check vcc->push()
in atm_init_atmarp() to prevent memleak.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38547 - Linux AXP717 ADC Channel Map Sentinel Vulnerability
CVE ID : CVE-2025-38547
Published : Aug. 16, 2025, 12:15 p.m. | 1 day, 9 hours ago
Description : In the Linux kernel, the following vulnerability has been resolved:
iio: adc: axp20x_adc: Add missing sentinel to AXP717 ADC channel maps
The AXP717 ADC channel maps is missing a sentinel entry at the end. This
causes a KASAN warning.
Add the missing sentinel entry.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38542 - Linux Kernel Device Refcount Leak Vulnerability in Appletalk Net Driver
CVE ID : CVE-2025-38542
Published : Aug. 16, 2025, 12:15 p.m. | 14 hours, 4 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
net: appletalk: Fix device refcount leak in atrtr_create()
When updating an existing route entry in atrtr_create(), the old device
reference was not being released before assigning the new device,
leading to a device refcount leak. Fix this by calling dev_put() to
release the old device reference before holding the new one.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38543 - Tegra DRM DMA API Misuse Vulnerability
CVE ID : CVE-2025-38543
Published : Aug. 16, 2025, 12:15 p.m. | 14 hours, 4 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
drm/tegra: nvdec: Fix dma_alloc_coherent error check
Check for NULL return value with dma_alloc_coherent, in line with
Robin's fix for vic.c in 'drm/tegra: vic: Fix DMA API misuse'.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38541
Published : Aug. 16, 2025, 12:15 p.m. | 12 hours, 4 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init()
devm_kasprintf() returns NULL on error. Currently, mt7925_thermal_init()
does not check for this case, which results in a NULL pointer
dereference.
Add NULL check after devm_kasprintf() to prevent this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38539 - Linux kernel: Tracing Module Event Corruption
CVE ID : CVE-2025-38539
Published : Aug. 16, 2025, 12:15 p.m. | 9 hours, 25 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
tracing: Add down_write(trace_event_sem) when adding trace event
When a module is loaded, it adds trace events defined by the module. It
may also need to modify the modules trace printk formats to replace enum
names with their values.
If two modules are loaded at the same time, the adding of the event to the
ftrace_events list can corrupt the walking of the list in the code that is
modifying the printk format strings and crash the kernel.
The addition of the event should take the trace_event_sem for write while
it adds the new event.
Also add a lockdep_assert_held() on that semaphore in
__trace_add_event_dirs() as it iterates the list.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38540
Published : Aug. 16, 2025, 12:15 p.m. | 9 hours, 25 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras
The Chicony Electronics HP 5MP Cameras (USB ID 04F2:B824 & 04F2:B82C)
report a HID sensor interface that is not actually implemented.
Attempting to access this non-functional sensor via iio_info causes
system hangs as runtime PM tries to wake up an unresponsive sensor.
Add these 2 devices to the HID ignore list since the sensor interface is
non-functional by design and should not be exposed to userspace.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38533 - Linux Kernel DMA Use-After-Free Vulnerability in wx_rx_buffer
CVE ID : CVE-2025-38533
Published : Aug. 16, 2025, 12:15 p.m. | 1 hour, 48 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
net: libwx: fix the using of Rx buffer DMA
The wx_rx_buffer structure contained two DMA address fields: 'dma' and
'page_dma'. However, only 'page_dma' was actually initialized and used
to program the Rx descriptor. But 'dma' was uninitialized and used in
some paths.
This could lead to undefined behavior, including DMA errors or
use-after-free, if the uninitialized 'dma' was used. Althrough such
error has not yet occurred, it is worth fixing in the code.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38534 - Ceph Linux Kernel NETFS Request Offload Collection Vulnerability
CVE ID : CVE-2025-38534
Published : Aug. 16, 2025, 12:15 p.m. | 1 hour, 48 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
netfs: Fix copy-to-cache so that it performs collection with ceph+fscache
The netfs copy-to-cache that is used by Ceph with local caching sets up a
new request to write data just read to the cache. The request is started
and then left to look after itself whilst the app continues. The request
gets notified by the backing fs upon completion of the async DIO write, but
then tries to wake up the app because NETFS_RREQ_OFFLOAD_COLLECTION isn't
set - but the app isn't waiting there, and so the request just hangs.
Fix this by setting NETFS_RREQ_OFFLOAD_COLLECTION which causes the
notification from the backing filesystem to put the collection onto a work
queue instead.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38535 - Linux Kernel Tegra XUSB Regulator Unbalanced Disable Vulnerability
CVE ID : CVE-2025-38535
Published : Aug. 16, 2025, 12:15 p.m. | 1 hour, 48 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode
When transitioning from USB_ROLE_DEVICE to USB_ROLE_NONE, the code
assumed that the regulator should be disabled. However, if the regulator
is marked as always-on, regulator_is_enabled() continues to return true,
leading to an incorrect attempt to disable a regulator which is not
enabled.
This can result in warnings such as:
[ 250.155624] WARNING: CPU: 1 PID: 7326 at drivers/regulator/core.c:3004
_regulator_disable+0xe4/0x1a0
[ 250.155652] unbalanced disables for VIN_SYS_5V0
To fix this, we move the regulator control logic into
tegra186_xusb_padctl_id_override() function since it's directly related
to the ID override state. The regulator is now only disabled when the role
transitions from USB_ROLE_HOST to USB_ROLE_NONE, by checking the VBUS_ID
register. This ensures that regulator enable/disable operations are
properly balanced and only occur when actually transitioning to/from host
mode.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38536 - "Airoha Linux Kernel Use-After-Free Vulnerability"
CVE ID : CVE-2025-38536
Published : Aug. 16, 2025, 12:15 p.m. | 1 hour, 48 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
net: airoha: fix potential use-after-free in airoha_npu_get()
np->name was being used after calling of_node_put(np), which
releases the node and can lead to a use-after-free bug.
Previously, of_node_put(np) was called unconditionally after
of_find_device_by_node(np), which could result in a use-after-free if
pdev is NULL.
This patch moves of_node_put(np) after the error check to ensure
the node is only released after both the error and success cases
are handled appropriately, preventing potential resource issues.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38537 - Linux Kernel: Net PHY LED Registration Vulnerability
CVE ID : CVE-2025-38537
Published : Aug. 16, 2025, 12:15 p.m. | 1 hour, 48 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
net: phy: Don't register LEDs for genphy
If a PHY has no driver, the genphy driver is probed/removed directly in
phy_attach/detach. If the PHY's ofnode has an "leds" subnode, then the
LEDs will be (un)registered when probing/removing the genphy driver.
This could occur if the leds are for a non-generic driver that isn't
loaded for whatever reason. Synchronously removing the PHY device in
phy_detach leads to the following deadlock:
rtnl_lock()
ndo_close()
...
phy_detach()
phy_remove()
phy_leds_unregister()
led_classdev_unregister()
led_trigger_set()
netdev_trigger_deactivate()
unregister_netdevice_notifier()
rtnl_lock()
There is a corresponding deadlock on the open/register side of things
(and that one is reported by lockdep), but it requires a race while this
one is deterministic.
Generic PHYs do not support LEDs anyway, so don't bother registering
them.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38538 - Linux Kernel DMAengine nbpfaxi Memory Corruption Vulnerability
CVE ID : CVE-2025-38538
Published : Aug. 16, 2025, 12:15 p.m. | 1 hour, 48 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
dmaengine: nbpfaxi: Fix memory corruption in probe()
The nbpf->chan[] array is allocated earlier in the nbpf_probe() function
and it has "num_channels" elements. These three loops iterate one
element farther than they should and corrupt memory.
The changes to the second loop are more involved. In this case, we're
copying data from the irqbuf[] array into the nbpf->chan[] array. If
the data in irqbuf[i] is the error IRQ then we skip it, so the iterators
are not in sync. I added a check to ensure that we don't go beyond the
end of the irqbuf[] array. I'm pretty sure this can't happen, but it
seemed harmless to add a check.
On the other hand, after the loop has ended there is a check to ensure
that the "chan" iterator is where we expect it to be. In the original
code we went one element beyond the end of the array so the iterator
wasn't in the correct place and it would always return -EINVAL. However,
now it will always be in the correct place. I deleted the check since
we know the result.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38503 - Here is the title:Apache Linux Btrfs Free Space Tree Vulnerability
CVE ID : CVE-2025-38503
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix assertion when building free space tree
When building the free space tree with the block group tree feature
enabled, we can hit an assertion failure like this:
BTRFS info (device loop0 state M): rebuilding free space tree
assertion failed: ret == 0, in fs/btrfs/free-space-tree.c:1102
------------[ cut here ]------------
kernel BUG at fs/btrfs/free-space-tree.c:1102!
Internal error: Oops - BUG: 00000000f2000800 [#1] SMP
Modules linked in:
CPU: 1 UID: 0 PID: 6592 Comm: syz-executor322 Not tainted 6.15.0-rc7-syzkaller-gd7fa1af5b33e #0 PREEMPT
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102
lr : populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102
sp : ffff8000a4ce7600
x29: ffff8000a4ce76e0 x28: ffff0000c9bc6000 x27: ffff0000ddfff3d8
x26: ffff0000ddfff378 x25: dfff800000000000 x24: 0000000000000001
x23: ffff8000a4ce7660 x22: ffff70001499cecc x21: ffff0000e1d8c160
x20: ffff0000e1cb7800 x19: ffff0000e1d8c0b0 x18: 00000000ffffffff
x17: ffff800092f39000 x16: ffff80008ad27e48 x15: ffff700011e740c0
x14: 1ffff00011e740c0 x13: 0000000000000004 x12: ffffffffffffffff
x11: ffff700011e740c0 x10: 0000000000ff0100 x9 : 94ef24f55d2dbc00
x8 : 94ef24f55d2dbc00 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff8000a4ce6f98 x4 : ffff80008f415ba0 x3 : ffff800080548ef0
x2 : 0000000000000000 x1 : 0000000100000000 x0 : 000000000000003e
Call trace:
populate_free_space_tree+0x514/0x518 fs/btrfs/free-space-tree.c:1102 (P)
btrfs_rebuild_free_space_tree+0x14c/0x54c fs/btrfs/free-space-tree.c:1337
btrfs_start_pre_rw_mount+0xa78/0xe10 fs/btrfs/disk-io.c:3074
btrfs_remount_rw fs/btrfs/super.c:1319 [inline]
btrfs_reconfigure+0x828/0x2418 fs/btrfs/super.c:1543
reconfigure_super+0x1d4/0x6f0 fs/super.c:1083
do_remount fs/namespace.c:3365 [inline]
path_mount+0xb34/0xde0 fs/namespace.c:4200
do_mount fs/namespace.c:4221 [inline]
__do_sys_mount fs/namespace.c:4432 [inline]
__se_sys_mount fs/namespace.c:4409 [inline]
__arm64_sys_mount+0x3e8/0x468 fs/namespace.c:4409
__invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49
el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132
do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151
el0_svc+0x58/0x17c arch/arm64/kernel/entry-common.c:767
el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:786
el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600
Code: f0047182 91178042 528089c3 9771d47b (d4210000)
---[ end trace 0000000000000000 ]---
This happens because we are processing an empty block group, which has
no extents allocated from it, there are no items for this block group,
including the block group item since block group items are stored in a
dedicated tree when using the block group tree feature. It also means
this is the block group with the highest start offset, so there are no
higher keys in the extent root, hence btrfs_search_slot_for_read()
returns 1 (no higher key found).
Fix this by asserting 'ret' is 0 only if the block group tree feature
is not enabled, in which case we should find a block group item for
the block group since it's stored in the extent root and block group
item keys are greater than extent item keys (the value for
BTRFS_BLOCK_GROUP_ITEM_KEY is 192 and for BTRFS_EXTENT_ITEM_KEY and
BTRFS_METADATA_ITEM_KEY the values are 168 and 169 respectively).
In case 'ret' is 1, we just need to add a record to the free space
tree which spans the whole block group, and we can achieve this by
making 'ret == 0' as the while loop's condition.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38504 - Linux Kernel io_uring ZCRX Use After Free
CVE ID : CVE-2025-38504
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
io_uring/zcrx: fix pp destruction warnings
With multiple page pools and in some other cases we can have allocated
niovs on page pool destruction. Remove a misplaced warning checking that
all niovs are returned to zcrx on io_pp_zc_destroy(). It was reported
before but apparently got lost.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38507 - Nintendo Bluetooth HID Stall and Panic Vulnerability
CVE ID : CVE-2025-38507
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
HID: nintendo: avoid bluetooth suspend/resume stalls
Ensure we don't stall or panic the kernel when using bluetooth-connected
controllers. This was reported as an issue on android devices using
kernel 6.6 due to the resume hook which had been added for usb joycons.
First, set a new state value to JOYCON_CTLR_STATE_SUSPENDED in a
newly-added nintendo_hid_suspend. This makes sure we will not stall out
the kernel waiting for input reports during led classdev suspend. The
stalls could happen if connectivity is unreliable or lost to the
controller prior to suspend.
Second, since we lose connectivity during suspend, do not try
joycon_init() for bluetooth controllers in the nintendo_hid_resume path.
Tested via multiple suspend/resume flows when using the controller both
in USB and bluetooth modes.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38508 - "SEV-SNP Linux Kernel Secure TSC Frequency Calculation Vulnerability"
CVE ID : CVE-2025-38508
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
x86/sev: Use TSC_FACTOR for Secure TSC frequency calculation
When using Secure TSC, the GUEST_TSC_FREQ MSR reports a frequency based on
the nominal P0 frequency, which deviates slightly (typically ~0.2%) from
the actual mean TSC frequency due to clocking parameters.
Over extended VM uptime, this discrepancy accumulates, causing clock skew
between the hypervisor and a SEV-SNP VM, leading to early timer interrupts as
perceived by the guest.
The guest kernel relies on the reported nominal frequency for TSC-based
timekeeping, while the actual frequency set during SNP_LAUNCH_START may
differ. This mismatch results in inaccurate time calculations, causing the
guest to perceive hrtimers as firing earlier than expected.
Utilize the TSC_FACTOR from the SEV firmware's secrets page (see "Secrets
Page Format" in the SNP Firmware ABI Specification) to calculate the mean
TSC frequency, ensuring accurate timekeeping and mitigating clock skew in
SEV-SNP VMs.
Use early_ioremap_encrypted() to map the secrets page as
ioremap_encrypted() uses kmalloc() which is not available during early TSC
initialization and causes a panic.
[ bp: Drop the silly dummy var:
https://lore.kernel.org/r/20250630192726.GBaGLlHl84xIopx4Pt@fat_crate.local ]
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38509 - Apache Linux WiFi Invalid Channel Width Notification Vulnerability
CVE ID : CVE-2025-38509
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
wifi: mac80211: reject VHT opmode for unsupported channel widths
VHT operating mode notifications are not defined for channel widths
below 20 MHz. In particular, 5 MHz and 10 MHz are not valid under the
VHT specification and must be rejected.
Without this check, malformed notifications using these widths may
reach ieee80211_chan_width_to_rx_bw(), leading to a WARN_ON due to
invalid input. This issue was reported by syzbot.
Reject these unsupported widths early in sta_link_apply_parameters()
when opmode_notif is used. The accepted set includes 20, 40, 80, 160,
and 80+80 MHz, which are valid for VHT. While 320 MHz is not defined
for VHT, it is allowed to avoid rejecting HE or EHT clients that may
still send a VHT opmode notification.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38510 - Linux Kernel KASAN Deadlock Vulnerability
CVE ID : CVE-2025-38510
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
kasan: remove kasan_find_vm_area() to prevent possible deadlock
find_vm_area() couldn't be called in atomic_context. If find_vm_area() is
called to reports vm area information, kasan can trigger deadlock like:
CPU0 CPU1
vmalloc();
alloc_vmap_area();
spin_lock(&vn->busy.lock)
spin_lock_bh(&some_lock);
spin_lock(&some_lock);
kasan_report();
print_report();
print_address_description();
kasan_find_vm_area();
find_vm_area();
spin_lock(&vn->busy.lock) // deadlock!
To prevent possible deadlock while kasan reports, remove kasan_find_vm_area().
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38511 - Linux Kernel Xe DRM Uninitialized Data Exposure Vulnerability
CVE ID : CVE-2025-38511
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
drm/xe/pf: Clear all LMTT pages on alloc
Our LMEM buffer objects are not cleared by default on alloc
and during VF provisioning we only setup LMTT PTEs for the
actually provisioned LMEM range. But beyond that valid range
we might leave some stale data that could either point to some
other VFs allocations or even to the PF pages.
Explicitly clear all new LMTT page to avoid the risk that a
malicious VF would try to exploit that gap.
While around add asserts to catch any undesired PTE overwrites
and low-level debug traces to track LMTT PT life-cycle.
(cherry picked from commit 3fae6918a3e27cce20ded2551f863fb05d4bef8d)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38512 - Linux Wi-Fi A-MSDU Mesh Spoofing Vulnerability
CVE ID : CVE-2025-38512
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
wifi: prevent A-MSDU attacks in mesh networks
This patch is a mitigation to prevent the A-MSDU spoofing vulnerability
for mesh networks. The initial update to the IEEE 802.11 standard, in
response to the FragAttacks, missed this case (CVE-2025-27558). It can
be considered a variant of CVE-2020-24588 but for mesh networks.
This patch tries to detect if a standard MSDU was turned into an A-MSDU
by an adversary. This is done by parsing a received A-MSDU as a standard
MSDU, calculating the length of the Mesh Control header, and seeing if
the 6 bytes after this header equal the start of an rfc1042 header. If
equal, this is a strong indication of an ongoing attack attempt.
This defense was tested with mac80211_hwsim against a mesh network that
uses an empty Mesh Address Extension field, i.e., when four addresses
are used, and when using a 12-byte Mesh Address Extension field, i.e.,
when six addresses are used. Functionality of normal MSDUs and A-MSDUs
was also tested, and confirmed working, when using both an empty and
12-byte Mesh Address Extension field.
It was also tested with mac80211_hwsim that A-MSDU attacks in non-mesh
networks keep being detected and prevented.
Note that the vulnerability being patched, and the defense being
implemented, was also discussed in the following paper and in the
following IEEE 802.11 presentation:
https://papers.mathyvanhoef.com/wisec2025.pdf
https://mentor.ieee.org/802.11/dcn/25/11-25-0949-00-000m-a-msdu-mesh-spoof-protection.docx
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38513
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev()
There is a potential NULL pointer dereference in zd_mac_tx_to_dev(). For
example, the following is possible:
T0 T1
zd_mac_tx_to_dev()
/* len == skb_queue_len(q) */
while (len > ZD_MAC_MAX_ACK_WAITERS) {
filter_ack()
spin_lock_irqsave(&q->lock, flags);
/* position == skb_queue_len(q) */
for (i=1; itype == NL80211_IFTYPE_AP)
skb = __skb_dequeue(q);
spin_unlock_irqrestore(&q->lock, flags);
skb_dequeue() -> NULL
Since there is a small gap between checking skb queue length and skb being
unconditionally dequeued in zd_mac_tx_to_dev(), skb_dequeue() can return NULL.
Then the pointer is passed to zd_mac_tx_status() where it is dereferenced.
In order to avoid potential NULL pointer dereference due to situations like
above, check if skb is not NULL before passing it to zd_mac_tx_status().
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38514 - Linux Kernel rxrpc NULL Pointer Dereference Vulnerability
CVE ID : CVE-2025-38514
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
rxrpc: Fix oops due to non-existence of prealloc backlog struct
If an AF_RXRPC service socket is opened and bound, but calls are
preallocated, then rxrpc_alloc_incoming_call() will oops because the
rxrpc_backlog struct doesn't get allocated until the first preallocation is
made.
Fix this by returning NULL from rxrpc_alloc_incoming_call() if there is no
backlog struct. This will cause the incoming call to be aborted.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38515
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
drm/sched: Increment job count before swapping tail spsc queue
A small race exists between spsc_queue_push and the run-job worker, in
which spsc_queue_push may return not-first while the run-job worker has
already idled due to the job count being zero. If this race occurs, job
scheduling stops, leading to hangs while waiting on the job’s DMA
fences.
Seal this race by incrementing the job count before appending to the
SPSC queue.
This race was observed on a drm-tip 6.16-rc1 build with the Xe driver in
an SVM test case.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38516
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
pinctrl: qcom: msm: mark certain pins as invalid for interrupts
On some platforms, the UFS-reset pin has no interrupt logic in TLMM but
is nevertheless registered as a GPIO in the kernel. This enables the
user-space to trigger a BUG() in the pinctrl-msm driver by running, for
example: `gpiomon -c 0 113` on RB2.
The exact culprit is requesting pins whose intr_detection_width setting
is not 1 or 2 for interrupts. This hits a BUG() in
msm_gpio_irq_set_type(). Potentially crashing the kernel due to an
invalid request from user-space is not optimal, so let's go through the
pins and mark those that would fail the check as invalid for the irq chip
as we should not even register them as available irqs.
This function can be extended if we determine that there are more
corner-cases like this.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38517 - Linux Kernel Oracle alloc_tag: Semaphore Acquisition Vulnerability
CVE ID : CVE-2025-38517
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
lib/alloc_tag: do not acquire non-existent lock in alloc_tag_top_users()
alloc_tag_top_users() attempts to lock alloc_tag_cttype->mod_lock even
when the alloc_tag_cttype is not allocated because:
1) alloc tagging is disabled because mem profiling is disabled
(!alloc_tag_cttype)
2) alloc tagging is enabled, but not yet initialized (!alloc_tag_cttype)
3) alloc tagging is enabled, but failed initialization
(!alloc_tag_cttype or IS_ERR(alloc_tag_cttype))
In all cases, alloc_tag_cttype is not allocated, and therefore
alloc_tag_top_users() should not attempt to acquire the semaphore.
This leads to a crash on memory allocation failure by attempting to
acquire a non-existent semaphore:
Oops: general protection fault, probably for non-canonical address 0xdffffc000000001b: 0000 [#3] SMP KASAN NOPTI
KASAN: null-ptr-deref in range [0x00000000000000d8-0x00000000000000df]
CPU: 2 UID: 0 PID: 1 Comm: systemd Tainted: G D 6.16.0-rc2 #1 VOLUNTARY
Tainted: [D]=DIE
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
RIP: 0010:down_read_trylock+0xaa/0x3b0
Code: d0 7c 08 84 d2 0f 85 a0 02 00 00 8b 0d df 31 dd 04 85 c9 75 29 48 b8 00 00 00 00 00 fc ff df 48 8d 6b 68 48 89 ea 48 c1 ea 03 <80> 3c 02 00 0f 85 88 02 00 00 48 3b 5b 68 0f 85 53 01 00 00 65 ff
RSP: 0000:ffff8881002ce9b8 EFLAGS: 00010016
RAX: dffffc0000000000 RBX: 0000000000000070 RCX: 0000000000000000
RDX: 000000000000001b RSI: 000000000000000a RDI: 0000000000000070
RBP: 00000000000000d8 R08: 0000000000000001 R09: ffffed107dde49d1
R10: ffff8883eef24e8b R11: ffff8881002cec20 R12: 1ffff11020059d37
R13: 00000000003fff7b R14: ffff8881002cec20 R15: dffffc0000000000
FS: 00007f963f21d940(0000) GS:ffff888458ca6000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f963f5edf71 CR3: 000000010672c000 CR4: 0000000000350ef0
Call Trace:
codetag_trylock_module_list+0xd/0x20
alloc_tag_top_users+0x369/0x4b0
__show_mem+0x1cd/0x6e0
warn_alloc+0x2b1/0x390
__alloc_frozen_pages_noprof+0x12b9/0x21a0
alloc_pages_mpol+0x135/0x3e0
alloc_slab_page+0x82/0xe0
new_slab+0x212/0x240
___slab_alloc+0x82a/0xe00
As David Wang points out, this issue became easier to trigger after commit
780138b12381 ("alloc_tag: check mem_profiling_support in alloc_tag_init").
Before the commit, the issue occurred only when it failed to allocate and
initialize alloc_tag_cttype or if a memory allocation fails before
alloc_tag_init() is called. After the commit, it can be easily triggered
when memory profiling is compiled but disabled at boot.
To properly determine whether alloc_tag_init() has been called and its
data structures initialized, verify that alloc_tag_cttype is a valid
pointer before acquiring the semaphore. If the variable is NULL or an
error value, it has not been properly initialized. In such a case, just
skip and do not attempt to acquire the semaphore.
[harry.yoo@oracle.com: v3]
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38518 - AMD Cyan Skillfish CPUID Information Disclosure
CVE ID : CVE-2025-38518
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
x86/CPU/AMD: Disable INVLPGB on Zen2
AMD Cyan Skillfish (Family 17h, Model 47h, Stepping 0h) has an issue
that causes system oopses and panics when performing TLB flush using
INVLPGB.
However, the problem is that that machine has misconfigured CPUID and
should not report the INVLPGB bit in the first place. So zap the
kernel's representation of the flag so that nothing gets confused.
[ bp: Massage. ]
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38519 - "Linux Kernel Divide by Zero Vulnerability in damon_get_intervals_score()"
CVE ID : CVE-2025-38519
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
mm/damon: fix divide by zero in damon_get_intervals_score()
The current implementation allows having zero size regions with no special
reasons, but damon_get_intervals_score() gets crashed by divide by zero
when the region size is zero.
[ 29.403950] Oops: divide error: 0000 [#1] SMP NOPTI
This patch fixes the bug, but does not disallow zero size regions to keep
the backward compatibility since disallowing zero size regions might be a
breaking change for some users.
In addition, the same crash can happen when intervals_goal.access_bp is
zero so this should be fixed in stable trees as well.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38520 - AMDGPU Linux Kernel Deadlock Vulnerability
CVE ID : CVE-2025-38520
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
drm/amdkfd: Don't call mmput from MMU notifier callback
If the process is exiting, the mmput inside mmu notifier callback from
compactd or fork or numa balancing could release the last reference
of mm struct to call exit_mmap and free_pgtable, this triggers deadlock
with below backtrace.
The deadlock will leak kfd process as mmu notifier release is not called
and cause VRAM leaking.
The fix is to take mm reference mmget_non_zero when adding prange to the
deferred list to pair with mmput in deferred list work.
If prange split and add into pchild list, the pchild work_item.mm is not
used, so remove the mm parameter from svm_range_unmap_split and
svm_range_add_child.
The backtrace of hung task:
INFO: task python:348105 blocked for more than 64512 seconds.
Call Trace:
__schedule+0x1c3/0x550
schedule+0x46/0xb0
rwsem_down_write_slowpath+0x24b/0x4c0
unlink_anon_vmas+0xb1/0x1c0
free_pgtables+0xa9/0x130
exit_mmap+0xbc/0x1a0
mmput+0x5a/0x140
svm_range_cpu_invalidate_pagetables+0x2b/0x40 [amdgpu]
mn_itree_invalidate+0x72/0xc0
__mmu_notifier_invalidate_range_start+0x48/0x60
try_to_unmap_one+0x10fa/0x1400
rmap_walk_anon+0x196/0x460
try_to_unmap+0xbb/0x210
migrate_page_unmap+0x54d/0x7e0
migrate_pages_batch+0x1c3/0xae0
migrate_pages_sync+0x98/0x240
migrate_pages+0x25c/0x520
compact_zone+0x29d/0x590
compact_zone_order+0xb6/0xf0
try_to_compact_pages+0xbe/0x220
__alloc_pages_direct_compact+0x96/0x1a0
__alloc_pages_slowpath+0x410/0x930
__alloc_pages_nodemask+0x3a9/0x3e0
do_huge_pmd_anonymous_page+0xd7/0x3e0
__handle_mm_fault+0x5e3/0x5f0
handle_mm_fault+0xf7/0x2e0
hmm_vma_fault.isra.0+0x4d/0xa0
walk_pmd_range.isra.0+0xa8/0x310
walk_pud_range+0x167/0x240
walk_pgd_range+0x55/0x100
__walk_page_range+0x87/0x90
walk_page_range+0xf6/0x160
hmm_range_fault+0x4f/0x90
amdgpu_hmm_range_get_pages+0x123/0x230 [amdgpu]
amdgpu_ttm_tt_get_user_pages+0xb1/0x150 [amdgpu]
init_user_pages+0xb1/0x2a0 [amdgpu]
amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x543/0x7d0 [amdgpu]
kfd_ioctl_alloc_memory_of_gpu+0x24c/0x4e0 [amdgpu]
kfd_ioctl+0x29d/0x500 [amdgpu]
(cherry picked from commit a29e067bd38946f752b0ef855f3dfff87e77bec7)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38521
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
drm/imagination: Fix kernel crash when hard resetting the GPU
The GPU hard reset sequence calls pm_runtime_force_suspend() and
pm_runtime_force_resume(), which according to their documentation should
only be used during system-wide PM transitions to sleep states.
The main issue though is that depending on some internal runtime PM
state as seen by pm_runtime_force_suspend() (whether the usage count is
<= 1), pm_runtime_force_resume() might not resume the device unless
needed. If that happens, the runtime PM resume callback
pvr_power_device_resume() is not called, the GPU clocks are not
re-enabled, and the kernel crashes on the next attempt to access GPU
registers as part of the power-on sequence.
Replace calls to pm_runtime_force_suspend() and
pm_runtime_force_resume() with direct calls to the driver's runtime PM
callbacks, pvr_power_device_suspend() and pvr_power_device_resume(),
to ensure clocks are re-enabled and avoid the kernel crash.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9092 - Bouncy Castle for Java - BC-FJA Uncontrolled Resource Consumption Denial of Service
CVE ID : CVE-2025-9092
Published : Aug. 16, 2025, 11:15 a.m. | 47 minutes ago
Description : Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips (API modules) allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader.
This issue affects Bouncy Castle for Java - BC-FJA 2.1.0: from BC-FJA 2.1.0 through 2.1.0.
Severity: 1.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38502 - Linux Kernel BPF Cgroup Local Storage Out-of-Bounds Access
CVE ID : CVE-2025-38502
Published : Aug. 16, 2025, 10:15 a.m. | 1 hour, 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix oob access in cgroup local storage
Lonial reported that an out-of-bounds access in cgroup local storage
can be crafted via tail calls. Given two programs each utilizing a
cgroup local storage with a different value size, and one program
doing a tail call into the other. The verifier will validate each of
the indivial programs just fine. However, in the runtime context
the bpf_cg_run_ctx holds an bpf_prog_array_item which contains the
BPF program as well as any cgroup local storage flavor the program
uses. Helpers such as bpf_get_local_storage() pick this up from the
runtime context:
ctx = container_of(current->bpf_ctx, struct bpf_cg_run_ctx, run_ctx);
storage = ctx->prog_item->cgroup_storage[stype];
if (stype == BPF_CGROUP_STORAGE_SHARED)
ptr = &READ_ONCE(storage->buf)->data[0];
else
ptr = this_cpu_ptr(storage->percpu_buf);
For the second program which was called from the originally attached
one, this means bpf_get_local_storage() will pick up the former
program's map, not its own. With mismatching sizes, this can result
in an unintended out-of-bounds access.
To fix this issue, we need to extend bpf_map_owner with an array of
storage_cookie[] to match on i) the exact maps from the original
program if the second program was using bpf_get_local_storage(), or
ii) allow the tail call combination if the second program was not
using any of the cgroup local storage maps.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8719
Published : Aug. 16, 2025, 9:15 a.m. | 2 hours, 47 minutes ago
Description : The Translate This gTranslate Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘base_lang’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7499 - BetterDocs – Unauthorized Data Access Vulnerability
CVE ID : CVE-2025-7499
Published : Aug. 16, 2025, 8:15 a.m. | 3 hours, 47 minutes ago
Description : The BetterDocs – Advanced AI-Driven Documentation, FAQ & Knowledge Base Tool for Elementor & Gutenberg with Encyclopedia, AI Support, Instant Answers plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_response function in all versions up to and including 4.1.1. This makes it possible for unauthenticated attackers to retrieve passwords for password-protected documents as well as the metadata of private and draft documents.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8464 - WordPress Contact Form 7 Drag and Drop Multiple File Upload Directory Traversal Vulnerability
CVE ID : CVE-2025-8464
Published : Aug. 16, 2025, 8:15 a.m. | 3 hours, 47 minutes ago
Description : The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.3.9.0 via the wpcf7_guest_user_id cookie. This makes it possible for unauthenticated attackers to upload and delete files outside of the originally intended directory. The impact of this vulnerability is limited, as file types are validated and only safe ones can be uploaded, while deletion is limited to the plugin's uploads folder.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8898
Published : Aug. 16, 2025, 7:15 a.m. | 4 hours, 47 minutes ago
Description : The Taxi Booking Manager for Woocommerce | E-cab plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.3.0. This is due to the plugin not properly validating a user's capabilities prior to updating a plugin setting or their identity prior to updating their details like email address. This makes it possible for unauthenticated attackers to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8089
Published : Aug. 16, 2025, 7:15 a.m. | 2 hours, 47 minutes ago
Description : The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'additional' parameter in version less than, or equal to, 2025.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8896 - WordPress User Profile Builder Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-8896
Published : Aug. 16, 2025, 7:15 a.m. | 2 hours, 47 minutes ago
Description : The User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gdpr_communication_preferences[]' parameter in all versions up to, and including, 3.14.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This is only exploitable when the GDPR Communication Preferences module is enabled and at least one GDPR Communication Preferences field has been added to the edit profile form.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38501 - KSMBD Connection Flood Denial of Service Vulnerability
CVE ID : CVE-2025-38501
Published : Aug. 16, 2025, 6:15 a.m. | 3 hours, 47 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
ksmbd: limit repeated connections from clients with the same IP
Repeated connections from clients with the same IP address may exhaust
the max connections and prevent other normal client connections.
This patch limit repeated connections from clients with the same IP.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8113 - Ebook Store WordPress Cross-Site Scripting (XSS)
CVE ID : CVE-2025-8113
Published : Aug. 16, 2025, 6:15 a.m. | 3 hours, 47 minutes ago
Description : The Ebook Store WordPress plugin before 5.8015 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6221
Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago
Description : The Embed Bokun plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ parameter in all versions up to, and including, 0.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7439
Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago
Description : Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $anber_item['button_link']['url']’ parameter in all versions up to, and including, 1.0.1 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7440
Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago
Description : The Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $item['button_link']['url'] parameter in all versions up to, and including, 1.0.1 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7441
Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago
Description : The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.0.42. This vulnerability occurs through the /wp-json/storychief/webhook REST-API endpoint that does not have sufficient filetype validation. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7649
Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago
Description : The Surbma | Recent Comments Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'recent-comments' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7651
Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago
Description : The Earnware Connect plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ew_hasrole' shortcode in all versions up to, and including, 1.0.73 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7664 - WordPress AL Pack Origin Header Validation Bypass
CVE ID : CVE-2025-7664
Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago
Description : The AL Pack plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the check_activate_permission() permission callback for the /wp-json/presslearn/v1/activate REST API endpoint in all versions up to, and including, 1.0.2. The callback reads the client-supplied Origin header and, after parsing, allows the request if it matches one of the trusted domains, without ever verifying user authentication, capabilities, or nonce tokens. This makes it possible for unauthenticated attackers to activate premium features by simply spoofing the Origin header.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7668 - WordPress Linux Promotional Plugin CSRF Vulnerability
CVE ID : CVE-2025-7668
Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago
Description : The Linux Promotional Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the 'inux-promotional-plugin.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7683
Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago
Description : The LatestCheckins plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1. This is due to missing or incorrect nonce validation on the 'LatestCheckins' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7684 - Last.fm Recent Album Artwork Plugin for WordPress CSRF Vulnerability
CVE ID : CVE-2025-7684
Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago
Description : The Last.fm Recent Album Artwork plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the 'lastfm_albums_artwork.php' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7686
Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago
Description : The weichuncai(WP伪春菜) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the sm-options.php page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8293
Published : Aug. 16, 2025, 4:16 a.m. | 5 hours, 46 minutes ago
Description : The Intl DateTime Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘date’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-12612 - "Wordpress School Management System SQL Injection"
CVE ID : CVE-2024-12612
Published : Aug. 16, 2025, 4:15 a.m. | 5 hours, 47 minutes ago
Description : The School Management System for Wordpress plugin for WordPress is vulnerable to SQL Injection via several parameters across multiple AJAX action in all versions up to, and including, 93.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-8393 - Woolook Woocommerce Blocks WordPress Local File Inclusion Vulnerability
CVE ID : CVE-2024-8393
Published : Aug. 16, 2025, 4:15 a.m. | 5 hours, 46 minutes ago
Description : The Woocommerce Blocks – Woolook plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.7.0 via the via the 'tab' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. Please note that this can also be exploited via CSRF techniques.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3671 - "Wordpress Gym Management System - Local File Inclusion Vulnerability"
CVE ID : CVE-2025-3671
Published : Aug. 16, 2025, 4:15 a.m. | 5 hours, 46 minutes ago
Description : The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 67.7.0 via the 'page' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. The Local File Inclusion exploit can be chained to include various dashboard view files in the plugin. One in particular reported by the researcher can be leveraged to update the password of Super Administrator accounts in Multisite environments making privilege escalation possible.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6079 - "WordPress School Management System File Upload Vulnerability"
CVE ID : CVE-2025-6079
Published : Aug. 16, 2025, 4:15 a.m. | 5 hours, 46 minutes ago
Description : The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the homework.php file in all versions up to, and including, 93.2.0. This makes it possible for authenticated attackers, with Student-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6080
Published : Aug. 16, 2025, 4:15 a.m. | 5 hours, 46 minutes ago
Description : The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to unauthorized admin account creation in all versions up to, and including, 67.7.0. This is due to the plugin not properly validating a user's capabilities prior to adding users. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create new users, including admins.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-12575 - WordPress Poll Maker Basic Information Exposure
CVE ID : CVE-2024-12575
Published : Aug. 16, 2025, 3:15 a.m. | 4 hours, 55 minutes ago
Description : The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Basic Information Exposure in all versions up to, and including, 5.8.9 via the 'ays_finish_poll' AJAX action. This makes it possible for unauthenticated attackers to retrieve admin email information which is exposed in the poll response.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-49895
Published : Aug. 16, 2025, 3:15 a.m. | 4 hours, 55 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in iThemes ServerBuddy by PluginBuddy.Com allows Object Injection.This issue affects ServerBuddy by PluginBuddy.Com: from n/a through 1.0.5.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55284 - Claude Code File Disclosure and Network Exfiltration
CVE ID : CVE-2025-55284
Published : Aug. 16, 2025, 2:15 a.m. | 5 hours, 55 minutes ago
Description : Claude Code is an agentic coding tool. Prior to version 1.0.4, it's possible to bypass the Claude Code confirmation prompts to read a file and then send file contents over the network without user confirmation due to an overly broad allowlist of safe commands. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. Users on standard Claude Code auto-update received this fix automatically after release. Current users of Claude Code are unaffected, as versions prior to 1.0.24 are deprecated and have been forced to update.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55286
Published : Aug. 16, 2025, 1:15 a.m. | 5 hours, 1 minute ago
Description : z2d is a pure Zig 2D graphics library. z2d v0.7.0 released with a new multi-sample anti-aliasing (MSAA) method, which uses a new buffering mechanism for storing coverage data. This differs from the standard alpha mask surface used for the previous super-sample anti-aliasing (SSAA) method. Under certain circumstances where the path being drawn existed in whole or partly outside of the rendering surface, incorrect bounding could cause out-of-bounds access within the coverage buffer. This affects the higher-level drawing operations, such as Context.fill, Context.stroke, painter.fill, and painter.stroke, when either the .default or .multisample_4x anti-aliasing modes were used. .supersample_4x was not affected, nor was drawing without anti-aliasing. In non-safe optimization modes (consumers compiling with ReleaseFast or ReleaseSmall), this could potentially lead to invalid memory accesses or corruption. z2d v0.7.1 fixes this issue, and it's recommended to upgrade to v0.7.1, or, given the small period of time v0.7.0 has been released, use v0.7.1 immediately, skipping v0.7.0.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2017-20199 - Buttercup Buttercup-Browser-Extension Remote Improper Access Control Vulnerability
CVE ID : CVE-2017-20199
Published : Aug. 16, 2025, 12:15 a.m. | 6 hours, 1 minute ago
Description : A vulnerability was found in Buttercup buttercup-browser-extension up to 0.14.2. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.1 is able to address this issue. The identifier of the patch is 89. It is recommended to upgrade the affected component. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52619 - HCL BigFix SaaS Authentication Service Sensitive Information Disclosure
CVE ID : CVE-2025-52619
Published : Aug. 15, 2025, 11:15 p.m. | 7 hours, 1 minute ago
Description : HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version information about the underlying platform.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52620 - HCL BigFix XSS Vulnerability in Image Upload Functionality
CVE ID : CVE-2025-52620
Published : Aug. 15, 2025, 11:15 p.m. | 7 hours, 1 minute ago
Description : HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerability. The image upload functionality inadequately validated the submitted image format.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52621
Published : Aug. 15, 2025, 11:15 p.m. | 7 hours, 1 minute ago
Description : HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52618
Published : Aug. 15, 2025, 11:15 p.m. | 4 hours, 36 minutes ago
Description : HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability. The vulnerability allows potential attackers to manipulate SQL queries.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43201 - Apple Music Classical Credential Disclosure
CVE ID : CVE-2025-43201
Published : Aug. 15, 2025, 10:15 p.m. | 5 hours, 36 minutes ago
Description : This issue was addressed with improved checks. This issue is fixed in Apple Music Classical 2.3 for Android. An app may be able to unexpectedly leak a user's credentials.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-44201
Published : Aug. 15, 2025, 9:15 p.m. | 6 hours, 36 minutes ago
Description : Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8959
Published : Aug. 15, 2025, 9:15 p.m. | 6 hours, 36 minutes ago
Description : HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36088 - IBM TS4500 Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-36088
Published : Aug. 15, 2025, 8:15 p.m. | 7 hours, 36 minutes ago
Description : IBM TS4500 1.11.0.0-D00, 1.11.0.1-C00, 1.11.0.2-C00, and 1.10.00-F00 web GUI is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43490 - HP Hotkey Support HPAAudioAnalytics Escalation of Privilege Vulnerability
CVE ID : CVE-2025-43490
Published : Aug. 15, 2025, 7:15 p.m. | 8 hours, 36 minutes ago
Description : A potential security vulnerability has been identified in the HPAudioAnalytics service included in the HP Hotkey Support software, which might allow escalation of privilege. HP is releasing software updates to mitigate the potential vulnerability.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55285 - Backstage Plugin Scaffolder Backend Information Disclosure
CVE ID : CVE-2025-55285
Published : Aug. 15, 2025, 6:15 p.m. | 9 hours, 36 minutes ago
Description : @backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of the input values in the fetch:template action in the Scaffolder meant that some of the secrets were not properly redacted. If ${{ secrets.x }} is not passed through to fetch:template there is no impact. This issue has been resolved in 2.1.1 of the scaffolder-backend plugin. A workaround for this issue involves Template Authors removing the use of ${{ secrets }} being used as an argument to fetch:template.
Severity: 2.6 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7961 - Wulkano KAP Code Injection Vulnerability
CVE ID : CVE-2025-7961
Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago
Description : Improper Control of Generation of Code ('Code Injection') vulnerability in Wulkano KAP on MacOS allows TCC Bypass.This issue affects KAP: 3.6.0.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8092 - "Drupal COOKiES Consent Management Cross-Site Scripting"
CVE ID : CVE-2025-8092
Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal COOKiES Consent Management allows Cross-Site Scripting (XSS).This issue affects COOKiES Consent Management: from 0.0.0 before 1.2.16.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8361
Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago
Description : Missing Authorization vulnerability in Drupal Config Pages allows Forceful Browsing.This issue affects Config Pages: from 0.0.0 before 2.18.0.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8362
Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal GoogleTag Manager allows Cross-Site Scripting (XSS).This issue affects GoogleTag Manager: from 0.0.0 before 1.10.0.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8675
Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago
Description : Server-Side Request Forgery (SSRF) vulnerability in Drupal AI SEO Link Advisor allows Server Side Request Forgery.This issue affects AI SEO Link Advisor: from 0.0.0 before 1.0.6.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8995
Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago
Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8996
Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago
Description : Missing Authorization vulnerability in Drupal Layout Builder Advanced Permissions allows Forceful Browsing.This issue affects Layout Builder Advanced Permissions: from 0.0.0 before 2.2.0.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9060
Published : Aug. 15, 2025, 5:15 p.m. | 10 hours, 36 minutes ago
Description : A vulnerability has been found in the MSoft MFlash
application that allows
execution of arbitrary code on the server. The issue occurs in the
integration configuration functionality that is only available to
MFlash
administrators. The vulnerability is related to insufficient validation
of parameters when setting up security components.
This issue affects MFlash v. 8.0 and possibly others. To mitigate apply 8.2-653 hotfix 11.06.2025 and above.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55207 - Astro Open Redirect Vulnerability
CVE ID : CVE-2025-55207
Published : Aug. 15, 2025, 4:15 p.m. | 11 hours, 36 minutes ago
Description : Astro is a web framework for content-driven websites. Following CVE-2025-54793 there's still an Open Redirect vulnerability in a subset of Astro deployment scenarios prior to version 9.4.1. Astro 5.12.8 addressed CVE-2025-54793 where https://example.com//astro.build/press would redirect to the external origin //astro.build/press. However, with the Node deployment adapter in standalone mode and trailingSlash set to "always" in the Astro configuration, https://example.com//astro.build/press still redirects to //astro.build/press. This affects any user who clicks on a specially crafted link pointing to the affected domain. Since the domain appears legitimate, victims may be tricked into trusting the redirected page, leading to possible credential theft, malware distribution, or other phishing-related attacks. This issue has been patched in version 9.4.1.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8066 - Bunkerity Bunker Web Open Redirect Phishing
CVE ID : CVE-2025-8066
Published : Aug. 15, 2025, 4:15 p.m. | 11 hours, 36 minutes ago
Description : URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bunkerity Bunker Web on Linux allows Phishing.This issue affects Bunker Web: 1.6.2.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-49432 - FWDesign Ultimate Video Player Missing Authorization Vulnerability
CVE ID : CVE-2025-49432
Published : Aug. 15, 2025, 4:15 p.m. | 9 hours, 46 minutes ago
Description : Missing Authorization vulnerability in FWDesign Ultimate Video Player allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ultimate Video Player: from n/a through 10.1.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-49897
Published : Aug. 15, 2025, 4:15 p.m. | 9 hours, 46 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus Vertical scroll slideshow gallery v2 allows Blind SQL Injection. This issue affects Vertical scroll slideshow gallery v2: from n/a through 9.1.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-49898
Published : Aug. 15, 2025, 4:15 p.m. | 9 hours, 46 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xolluteon Dropshix allows DOM-Based XSS.This issue affects Dropshix: from n/a through 4.0.14.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5047
Published : Aug. 15, 2025, 3:15 p.m. | 8 hours, 46 minutes ago
Description : A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5048
Published : Aug. 15, 2025, 3:15 p.m. | 8 hours, 46 minutes ago
Description : A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24975 - Firebird Database Segfault and Encryption Key Vulnerability
CVE ID : CVE-2025-24975
Published : Aug. 15, 2025, 3:15 p.m. | 6 hours, 46 minutes ago
Description : Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when created versus what is available could result in a segfault in the server process. Encrypted databases, accessed by execute statement on external, may be accessed later by an attachment missing a key to that database. In a case when execute statement are chained, segfault may happen. Additionally, the segfault may affect unencrypted databases. This issue has been patched in snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609 and point releases 4.0.6 and 5.0.2. A workaround for this issue involves setting ExtConnPoolSize equal to 0 in firebird.conf.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54466
Published : Aug. 15, 2025, 3:15 p.m. | 6 hours, 46 minutes ago
Description : Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE in Apache OFBiz scrum plugin.
This issue affects Apache OFBiz: before 24.09.02 only when the scrum plugin is used.
Even unauthenticated attackers can exploit this vulnerability.
Users are recommended to upgrade to version 24.09.02, which fixes the issue.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54989
Published : Aug. 15, 2025, 3:15 p.m. | 6 hours, 46 minutes ago
Description : Firebird is a relational database. Prior to versions 3.0.13, 4.0.6, and 5.0.3, there is an XDR message parsing NULL pointer dereference denial-of-service vulnerability in Firebird. This specific flaw exists within the parsing of xdr message from client. It leads to NULL pointer dereference and DoS. This issue has been patched in versions 3.0.13, 4.0.6, and 5.0.3.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55203
Published : Aug. 15, 2025, 3:15 p.m. | 6 hours, 46 minutes ago
Description : Plane is open-source project management software. Prior to version 0.28.0, a stored cross-site scripting (XSS) vulnerability exists in the description_html field of Plane. This flaw allows an attacker to inject malicious JavaScript code that is stored and later executed in other users’ browsers. The description_html field is not properly sanitized or escaped. An attacker can submit crafted JavaScript payloads that are saved in the application’s database. When another user views the affected content, the injected code executes in their browser, running in the application’s context and bypassing standard security protections. Successful exploitation can lead to session hijacking, theft of sensitive information, or forced redirection to malicious sites. The vulnerability can also be chained with CSRF attacks to perform unauthorized actions, or leveraged to distribute malware and exploit additional browser vulnerabilities. This issue has been patched in version 0.28.0.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5046
Published : Aug. 15, 2025, 3:15 p.m. | 6 hours, 46 minutes ago
Description : A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-12573 - Apache Web Server Authentication Bypass
CVE ID : CVE-2024-12573
Published : Aug. 15, 2025, 3:15 p.m. | 4 hours, 25 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-24752 Reason: This candidate is a reservation duplicate of CVE-2025-24752. Notes: All CVE users should reference CVE-2025-24752 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9052 - Projectworlds Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9052
Published : Aug. 15, 2025, 1:15 p.m. | 6 hours, 25 minutes ago
Description : A vulnerability was identified in projectworlds Travel Management System 1.0. This affects an unknown part of the file /updatepackage.php. The manipulation of the argument s1 leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9053 - Projectworlds Travel Management System SQL Injection
CVE ID : CVE-2025-9053
Published : Aug. 15, 2025, 1:15 p.m. | 6 hours, 25 minutes ago
Description : A vulnerability has been found in projectworlds Travel Management System 1.0. This vulnerability affects unknown code of the file /updatesubcategory.php. The manipulation of the argument t1/s1 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9050 - "Projectworlds Travel Management System SQL Injection Vulnerability"
CVE ID : CVE-2025-9050
Published : Aug. 15, 2025, 12:15 p.m. | 5 hours, 59 minutes ago
Description : A vulnerability was found in projectworlds Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /addcategory.php. The manipulation of the argument t1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9051 - Projectworlds Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9051
Published : Aug. 15, 2025, 12:15 p.m. | 5 hours, 59 minutes ago
Description : A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-1929 - Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı SQL Injection Vulnerability
CVE ID : CVE-2025-1929
Published : Aug. 15, 2025, 12:15 p.m. | 3 hours, 45 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı allows SQL Injection, CAPEC - 7 - Blind SQL Injection.This issue affects Reel Sektör Hazine ve Risk Yönetimi Yazılımı: through 1.0.0.4.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54473
Published : Aug. 15, 2025, 12:15 p.m. | 3 hours, 45 minutes ago
Description : An authenticated RCE vulnerability in Phoca Commander component 1.0.0-4.0.0 and 5.0.0-5.0.1 for Joomla was discovered. The issue allows code execution via the unzip feature.
Severity: 9.2 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54474
Published : Aug. 15, 2025, 12:15 p.m. | 3 hours, 45 minutes ago
Description : A SQLi vulnerability in DJ-Classifieds component 3.9.2-3.10.1 for Joomla was discovered. The issue allows privileged users to execute arbitrary SQL commands.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54475 - "Joomla JS Jobs Plugin SQL Injection Vulnerability"
CVE ID : CVE-2025-54475
Published : Aug. 15, 2025, 12:15 p.m. | 3 hours, 45 minutes ago
Description : A SQL injection vulnerability in the JS Jobs plugin versions 1.3.2-1.4.4 for Joomla allows low-privilege users to execute arbitrary SQL commands.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-26709 - ZTE F50 Web Module Unauthorized Access Vulnerability
CVE ID : CVE-2025-26709
Published : Aug. 15, 2025, 11:15 a.m. | 4 hours, 45 minutes ago
Description : There is an unauthorized access vulnerability in ZTE F50. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9028 - "Code-projects Online Medicine Guide SQL Injection Vulnerability"
CVE ID : CVE-2025-9028
Published : Aug. 15, 2025, 11:15 a.m. | 4 hours, 45 minutes ago
Description : A vulnerability was found in code-projects Online Medicine Guide 1.0. This issue affects some unknown processing of the file /adphar.php. The manipulation of the argument phuname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9046
Published : Aug. 15, 2025, 11:15 a.m. | 4 hours, 45 minutes ago
Description : A vulnerability was identified in Tenda AC20 16.03.08.12. This issue affects the function sub_46A2AC of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9047 - Projectworlds Visitor Management System SQL Injection
CVE ID : CVE-2025-9047
Published : Aug. 15, 2025, 11:15 a.m. | 4 hours, 45 minutes ago
Description : A vulnerability has been found in projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /visitor_out.php. The manipulation of the argument rid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9026 - D-Link DIR-860L OS Command Injection Vulnerability
CVE ID : CVE-2025-9026
Published : Aug. 15, 2025, 10:15 a.m. | 5 hours, 45 minutes ago
Description : A vulnerability was identified in D-Link DIR-860L 2.04.B04. This affects the function ssdpcgi_main of the file htdocs/cgibin of the component Simple Service Discovery Protocol. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9027 - "Code-Projects Online Medicine Guide SQL Injection"
CVE ID : CVE-2025-9027
Published : Aug. 15, 2025, 10:15 a.m. | 5 hours, 45 minutes ago
Description : A vulnerability has been found in code-projects Online Medicine Guide 1.0. This vulnerability affects unknown code of the file /addelivery.php. The manipulation of the argument deName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9023 - Tenda AC7/AC18 Buffer Overflow in formSetSchedLed
CVE ID : CVE-2025-9023
Published : Aug. 15, 2025, 9:15 a.m. | 6 hours, 45 minutes ago
Description : A vulnerability has been found in Tenda AC7 and AC18 15.03.05.19/15.03.06.44. Affected is the function formSetSchedLed of the file /goform/SetLEDCfg. The manipulation of the argument Time leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9024 - PHPGurukul Beauty Parlour Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9024
Published : Aug. 15, 2025, 9:15 a.m. | 6 hours, 45 minutes ago
Description : A vulnerability was found in PHPGurukul Beauty Parlour Management System 1.1. Affected by this vulnerability is an unknown functionality of the file /book-appointment.php. The manipulation of the argument Message leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9025 - Simple Cafe Ordering System SQL Injection Vulnerability
CVE ID : CVE-2025-9025
Published : Aug. 15, 2025, 9:15 a.m. | 6 hours, 45 minutes ago
Description : A vulnerability was determined in code-projects Simple Cafe Ordering System 1.0. Affected by this issue is some unknown functionality of the file /portal.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7650 - WordPress BizCalendar Local File Inclusion Vulnerability
CVE ID : CVE-2025-7650
Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago
Description : The BizCalendar Web plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.0.50 via the 'bizcalv' shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7662 - WordPress Gestion de Tarifs SQL Injection
CVE ID : CVE-2025-7662
Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago
Description : The Gestion de tarifs plugin for WordPress is vulnerable to SQL Injection via the 'tarif' and 'intitule' shortcodes in all versions up to, and including, 1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7688
Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago
Description : The Add User Meta plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the 'add-user-meta' page. This makes it possible for unauthenticated attackers to update settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7778
Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago
Description : The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to insufficient authorization and improper path validation within the delete_files() function in all versions up to, and including, 1.6.12. This makes it possible for unauthenticated attackers to to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8080
Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago
Description : The Alobaidi Captcha plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8091 - WordPress EventON Lite Information Exposure Vulnerability
CVE ID : CVE-2025-8091
Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago
Description : The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the add_single_eventon and add_eventon shortcodes due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to extract data from password protected, private, or draft posts that they should not have access to.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8720
Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago
Description : The Plugin README Parser plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘target’ parameter in all versions up to, and including, 1.3.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8905 - WordPress Inpersttion For Theme Remote Code Execution
CVE ID : CVE-2025-8905
Published : Aug. 15, 2025, 9:15 a.m. | 4 hours, 45 minutes ago
Description : The Inpersttion For Theme plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0 via the theme_section_shortcode() function. This is due to the plugin not restricting what functions can be called. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server which is limited to arbitrary functions without any user supplied parameters.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5844
Published : Aug. 15, 2025, 9:15 a.m. | 2 hours, 46 minutes ago
Description : The Radius Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘subHeadingTagName’ parameter in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7507
Published : Aug. 15, 2025, 9:15 a.m. | 2 hours, 46 minutes ago
Description : The elink – Embed Content plugin for WordPress is vulnerable to Malicious Redirect in all versions up to, and including, 1.1.0. This is due to the plugin not restricting URLS that can be supplied through the elink shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to supply an HTML file that can be leverged to redirect users to a malicious domain.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7641
Published : Aug. 15, 2025, 9:15 a.m. | 2 hours, 46 minutes ago
Description : The Assistant for NextGEN Gallery plugin for WordPress is vulnerable to arbitrary directory deletion due to insufficient file path validation in the /wp-json/nextgenassistant/v1.0.0/control REST endpoint in all versions up to, and including, 1.0.9. This makes it possible for unauthenticated attackers to delete arbitrary directories on the server, which can cause a complete loss of availability.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8604
Published : Aug. 15, 2025, 8:15 a.m. | 3 hours, 46 minutes ago
Description : The WP Table Builder – WordPress Table Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wptb shortcode in all versions up to, and including, 2.0.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9020 - "PX4 Mavlink Shell Use After Free Vulnerability"
CVE ID : CVE-2025-9020
Published : Aug. 15, 2025, 8:15 a.m. | 3 hours, 46 minutes ago
Description : A vulnerability was found in PX4 PX4-Autopilot up to 1.15.4. This issue affects the function MavlinkReceiver::handle_message_serial_control of the file src/modules/mavlink/mavlink_receiver.cpp of the component Mavlink Shell Closing Handler. The manipulation of the argument _mavlink_shell leads to use after free. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The identifier of the patch is 4395d4f00c49b888f030f5b43e2a779f1fa78708. It is recommended to apply a patch to fix this issue.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9021 - SourceCodester Online Bank Management System SQL Injection
CVE ID : CVE-2025-9021
Published : Aug. 15, 2025, 8:15 a.m. | 3 hours, 46 minutes ago
Description : A vulnerability was determined in SourceCodester Online Bank Management System up to 1.0. This vulnerability affects unknown code of the file /bank/transfer.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9022 - SourceCodester Online Bank Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9022
Published : Aug. 15, 2025, 8:15 a.m. | 3 hours, 46 minutes ago
Description : A vulnerability was identified in SourceCodester Online Bank Management System up to 1.0. This issue affects some unknown processing of the file /bank/statements.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9019
Published : Aug. 15, 2025, 7:15 a.m. | 4 hours, 46 minutes ago
Description : A vulnerability has been found in tcpreplay 4.5.1. This vulnerability affects the function mask_cidr6 of the file cidr.c of the component tcpprep. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The researcher is able to reproduce this with the latest official release 4.5.1 and the current master branch. The code maintainer cannot reproduce this for 4.5.2-beta1. In his reply the maintainer explains that "[i]n that case, this is a duplicate that was fixed in 4.5.2."
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6679 - Bit Form for WordPress Remote File Upload Vulnerability
CVE ID : CVE-2025-6679
Published : Aug. 15, 2025, 7:15 a.m. | 2 hours, 52 minutes ago
Description : The Bit Form builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 2.20.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. For this to be exploitable, the PRO version needs to be installed and activated as well. Additionally a form with an advanced file upload element needs to be published.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8013 - Quttera Web Malware Scanner for WordPress SSRF
CVE ID : CVE-2025-8013
Published : Aug. 15, 2025, 7:15 a.m. | 2 hours, 52 minutes ago
Description : The Quttera Web Malware Scanner plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.5.1.41 via the 'RunExternalScan' function. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
Severity: 3.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8451
Published : Aug. 15, 2025, 7:15 a.m. | 2 hours, 52 minutes ago
Description : The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘data-gallery-items’ parameter in all versions up to, and including, 6.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9016 - Mechrevo Control Center GX Powershell Uncontrolled Search Path Vulnerability
CVE ID : CVE-2025-9016
Published : Aug. 15, 2025, 7:15 a.m. | 2 hours, 52 minutes ago
Description : A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an unknown part of the file C:\Program Files\OEM\机械革命控制中心\AiStoneService\MyControlCenter\Command of the component Powershell Script Handler. The manipulation leads to uncontrolled search path. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9017 - PHPGurukul Zoo Management System Cross Site Scripting Vulnerability
CVE ID : CVE-2025-9017
Published : Aug. 15, 2025, 7:15 a.m. | 2 hours, 52 minutes ago
Description : A vulnerability has been found in PHPGurukul Zoo Management System 2.1. This vulnerability affects unknown code of the file /admin/add-foreigner-ticket.php. The manipulation of the argument visitorname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9013
Published : Aug. 15, 2025, 6:15 a.m. | 3 hours, 52 minutes ago
Description : A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.0. This vulnerability affects unknown code of the file /shopping/password-recovery.php. The manipulation of the argument emailid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9012
Published : Aug. 15, 2025, 6:15 a.m. | 1 hour, 46 minutes ago
Description : A vulnerability was identified in PHPGurukul Online Shopping Portal Project 2.0. This affects an unknown part of the file shopping/bill-ship-addresses.php. The manipulation of the argument billingpincode leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31961 - HCL Connections Broken Access Control Vulnerability
CVE ID : CVE-2025-31961
Published : Aug. 15, 2025, 5:15 a.m. | 2 hours, 46 minutes ago
Description : HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9009 - "iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability"
CVE ID : CVE-2025-9009
Published : Aug. 15, 2025, 5:15 a.m. | 2 hours, 46 minutes ago
Description : A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/email_setup.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9010 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9010
Published : Aug. 15, 2025, 5:15 a.m. | 2 hours, 46 minutes ago
Description : A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/booking_report.php. The manipulation of the argument from_date leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9011
Published : Aug. 15, 2025, 5:15 a.m. | 2 hours, 46 minutes ago
Description : A vulnerability was determined in PHPGurukul Online Shopping Portal Project 2.0. Affected by this issue is some unknown functionality of the file /shopping/signup.php. The manipulation of the argument emailid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9007
Published : Aug. 15, 2025, 4:15 a.m. | 3 hours, 45 minutes ago
Description : A vulnerability has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function formeditFileName of the file /goform/editFileName. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9008 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-9008
Published : Aug. 15, 2025, 4:15 a.m. | 3 hours, 45 minutes ago
Description : A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/sms_setting.php. The manipulation of the argument uname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6025 - WooCommerce Order Tip Improper Input Validation Vulnerability
CVE ID : CVE-2025-6025
Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago
Description : The Order Tip for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Improper Input Validation in all versions up to, and including, 1.5.4. This is due to lack of server-side validation on the `data-tip` attribute, which makes it possible for unauthenticated attackers to apply an excessive or even negative tip amount, resulting in unauthorized discount up to free orders depending on the value submitted.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8342 - WooCommerce OTP Login With Phone Number Authentication Bypass Vulnerability
CVE ID : CVE-2025-8342
Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago
Description : The WooCommerce OTP Login With Phone Number, OTP Verification plugin for WordPress is vulnerable to authentication bypass due to insufficient empty value checking in the lwp_ajax_register function in all versions up to, and including, 1.8.47. This makes it possible for unauthenticated attackers to bypass OTP verification and gain administrative access to any user account with a configured phone number by exploiting improper Firebase API error handling when the Firebase API key is not configured.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8676 - Gutenberg Slider Block for WP Sensitive Information Exposure
CVE ID : CVE-2025-8676
Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago
Description : The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Sensitive Information Exposure in versions less than, or equal to, 2.0.0 via the get_active_plugins function. This makes it possible for authenticated attackers, with subscriber-level access and above to extract sensitive data including installed plugin information.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8680
Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago
Description : The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Server-Side Request Forgery in version less than, or equal to, 2.0.0 via the fs_api_request function. This makes it possible for authenticated attackers, with subscriber-level access and above to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8867
Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago
Description : The Graphina - Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple chart widget parameters in version 3.1.3 and below. This is due to insufficient input sanitization and output escaping on user supplied attributes such as chart categories, titles, and tooltip settings. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9001
Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago
Description : A vulnerability was determined in LemonOS up to nightly-2024-07-12 on LemonOS. Affected by this issue is the function HTTPGet of the file /Applications/Steal/main.cpp of the component HTTP Client. The manipulation of the argument chunkSize leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9002
Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago
Description : A vulnerability was identified in Surbowl dormitory-management-php 1.0. This affects an unknown part of the file login.php. The manipulation of the argument Account leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9003
Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago
Description : A vulnerability has been found in D-Link DIR-818LW 1.04. This vulnerability affects unknown code of the file /bsc_lan.php of the component DHCP Reserved Address Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9004
Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago
Description : A vulnerability was found in mtons mblog up to 3.5.0. This issue affects some unknown processing of the file /settings/password. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9005 - Mtons Mblogger Information Exposure Vulnerability
CVE ID : CVE-2025-9005
Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago
Description : A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the file /register. The manipulation leads to information exposure through error message. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9006
Published : Aug. 15, 2025, 3:15 a.m. | 4 hours, 46 minutes ago
Description : A vulnerability was identified in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function formdelFileName of the file /goform/delFileName. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 9.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55719
Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55720 - Apache HTTP Server Unvalidated Request Parameter
CVE ID : CVE-2025-55720
Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55721 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-55721
Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55722
Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55723 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-55723
Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55724
Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55725 - Apache HTTP Server Command Injection
CVE ID : CVE-2025-55725
Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55726 - Apache Server Cross-Site Request Forgery
CVE ID : CVE-2025-55726
Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 44 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55718 - Apache HTTP Server Unvalidated Request Parameter
CVE ID : CVE-2025-55718
Published : Aug. 15, 2025, 3:15 a.m. | 45 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8992
Published : Aug. 15, 2025, 2:15 a.m. | 1 hour, 45 minutes ago
Description : A vulnerability has been found in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8993 - iSourcecode Online Tour and Travel Management System SQL Injection
CVE ID : CVE-2025-8993
Published : Aug. 15, 2025, 2:15 a.m. | 1 hour, 45 minutes ago
Description : A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/expense_report.php. The manipulation of the argument from_date leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9000 - Mechrevo Control Center GX Path Traversal
CVE ID : CVE-2025-9000
Published : Aug. 15, 2025, 2:15 a.m. | 1 hour, 45 minutes ago
Description : A vulnerability was found in Mechrevo Control Center GX V2 5.56.51.48. Affected by this vulnerability is an unknown functionality of the component reg File Handler. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8990 - Code-projects Online Medicine Guide SQL Injection Vulnerability
CVE ID : CVE-2025-8990
Published : Aug. 15, 2025, 1:16 a.m. | 2 hours, 44 minutes ago
Description : A vulnerability was determined in code-projects Online Medicine Guide 1.0. Affected is an unknown function of the file /browsemdcn.php. The manipulation of the argument Search leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8991
Published : Aug. 15, 2025, 1:16 a.m. | 2 hours, 44 minutes ago
Description : A vulnerability was identified in linlinjava litemall up to 1.8.0. Affected by this vulnerability is an unknown functionality of the file /admin/config/express of the component Business Logic Handler. The manipulation of the argument litemall_express_freight_min leads to business logic errors. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8989 - SourceCodester COVID 19 Testing Management System SQL Injection
CVE ID : CVE-2025-8989
Published : Aug. 15, 2025, 1:16 a.m. | 45 minutes ago
Description : A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. This issue affects some unknown processing of the file /edit-phlebotomist.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31987 - HCL Connections Denial of Service
CVE ID : CVE-2025-31987
Published : Aug. 14, 2025, 11:15 p.m. | 2 hours, 46 minutes ago
Description : HCL Connections Docs may mishandle validation of certain uploaded documents leading to denial of service due to resource exhaustion.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8987
Published : Aug. 14, 2025, 11:15 p.m. | 2 hours, 46 minutes ago
Description : A vulnerability was identified in SourceCodester COVID 19 Testing Management System 1.0. This affects an unknown part of the file /test-details.php. The manipulation of the argument remark leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8988 - SourceCodester COVID 19 Testing Management System SQL Injection
CVE ID : CVE-2025-8988
Published : Aug. 14, 2025, 11:15 p.m. | 2 hours, 46 minutes ago
Description : A vulnerability has been found in SourceCodester COVID 19 Testing Management System 1.0. This vulnerability affects unknown code of the file /bwdates-report-result.php. The manipulation of the argument fromdate leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8984 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8984
Published : Aug. 14, 2025, 10:15 p.m. | 3 hours, 46 minutes ago
Description : A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/expense_category.php. The manipulation of the argument expense_name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8985 - SourceCodester COVID 19 Testing Management System SQL Injection
CVE ID : CVE-2025-8985
Published : Aug. 14, 2025, 10:15 p.m. | 3 hours, 46 minutes ago
Description : A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8986
Published : Aug. 14, 2025, 10:15 p.m. | 3 hours, 46 minutes ago
Description : A vulnerability was determined in SourceCodester COVID 19 Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /search-report-result.php. The manipulation of the argument serachdata leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8982 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8982
Published : Aug. 14, 2025, 9:15 p.m. | 4 hours, 46 minutes ago
Description : A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/currency.php. The manipulation of the argument curr_code leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8983 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8983
Published : Aug. 14, 2025, 9:15 p.m. | 4 hours, 46 minutes ago
Description : A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expense_for leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50861
Published : Aug. 14, 2025, 8:15 p.m. | 5 hours, 46 minutes ago
Description : The Lotus Cars Android app (com.lotus.carsdomestic.intl) 1.2.8 contains an exported component, PushDeepLinkActivity, which is accessible without authentication via ADB or malicious apps. This poses a risk of unintended access to application internals and can cause denial of service or logic abuse.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50862 - Lotus Cars Android App Data Exfiltration Vulnerability
CVE ID : CVE-2025-50862
Published : Aug. 14, 2025, 8:15 p.m. | 5 hours, 46 minutes ago
Description : The Lotus Cars Android app (com.lotus.carsdomestic.intl) 1.2.8 has allowBackup=true set in its manifest, allowing data exfiltration via ADB backup on rooted or debug-enabled devices. This presents a risk of user data exposure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51965
Published : Aug. 14, 2025, 8:15 p.m. | 5 hours, 46 minutes ago
Description : OURPHP thru 8.6.1 is vulnerable to Cross-Site Scripting (XSS) via the "Name" field of the "Complete Profile" functionality under the "My User Center" page, which can be accessed after registering through the front-end interface.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8979
Published : Aug. 14, 2025, 8:15 p.m. | 5 hours, 46 minutes ago
Description : A vulnerability was identified in Tenda AC15 15.13.07.13. Affected by this vulnerability is the function check_fw_type/split_fireware/check_fw of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8980
Published : Aug. 14, 2025, 8:15 p.m. | 5 hours, 46 minutes ago
Description : A vulnerability has been found in Tenda G1 16.01.7.8(3660). Affected by this issue is the function check_upload_file of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8981 - iSourcecode Online Tour and Travel Management System SQL Injection
CVE ID : CVE-2025-8981
Published : Aug. 14, 2025, 8:15 p.m. | 5 hours, 46 minutes ago
Description : A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/payment.php. The manipulation of the argument payment_type leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55711
Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Table Builder WP Table Builder allows Stored XSS. This issue affects WP Table Builder: from n/a through 2.0.12.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55712 - POSIMYTH The Plus Addons for Elementor Page Builder Lite Missing Authorization Vulnerability
CVE ID : CVE-2025-55712
Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago
Description : Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 6.3.13.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55713
Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeThemes Blocksy allows Stored XSS. This issue affects Blocksy: from n/a through 2.1.6.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55714 - Crocoblock JetElements For Elementor Cross-site Scripting (XSS)
CVE ID : CVE-2025-55714
Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetElements For Elementor allows Stored XSS. This issue affects JetElements For Elementor: from n/a through 2.7.9.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55716
Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago
Description : Missing Authorization vulnerability in VeronaLabs WP Statistics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Statistics: from n/a through 14.15.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8975
Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago
Description : A vulnerability was identified in givanz Vvveb up to 1.0.5. This affects an unknown part of the file admin/template/content/edit.tpl. The manipulation of the argument slug leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The patch is named 84c11d69df8452dc378feecd17e2a62ac10dac66. It is recommended to upgrade the affected component.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8976
Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago
Description : A vulnerability has been found in givanz Vvveb up to 1.0.5. This vulnerability affects unknown code of the file /vadmin123/index.php?module=content/post&type=post of the component Endpoint. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. It is recommended to upgrade the affected component.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8978
Published : Aug. 14, 2025, 7:15 p.m. | 6 hours, 45 minutes ago
Description : A vulnerability was determined in D-Link DIR-619L 6.02CN02. Affected is the function FirmwareUpgrade of the component boa. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55708 - ExpressTech Systems Quiz And Survey Master SQL Injection
CVE ID : CVE-2025-55708
Published : Aug. 14, 2025, 7:15 p.m. | 4 hours, 43 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Systems Quiz And Survey Master allows SQL Injection. This issue affects Quiz And Survey Master: from n/a through 10.2.4.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55709
Published : Aug. 14, 2025, 7:15 p.m. | 4 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visual Composer Visual Composer Website Builder allows Stored XSS. This issue affects Visual Composer Website Builder: from n/a through n/a.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55710
Published : Aug. 14, 2025, 7:15 p.m. | 4 hours, 43 minutes ago
Description : Insertion of Sensitive Information Into Sent Data vulnerability in Steve Burge TaxoPress allows Retrieve Embedded Sensitive Data. This issue affects TaxoPress: from n/a through 3.37.2.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54736 - NordicMade Savoy Information Exposure
CVE ID : CVE-2025-54736
Published : Aug. 14, 2025, 7:15 p.m. | 2 hours, 43 minutes ago
Description : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in NordicMade Savoy allows Retrieve Embedded Sensitive Data. This issue affects Savoy: from n/a through 3.0.8.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54739
Published : Aug. 14, 2025, 7:15 p.m. | 2 hours, 43 minutes ago
Description : Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nexter Blocks: from n/a through 4.5.4.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54740 - Michael Nelson Print My Blog Stored Cross-site Scripting
CVE ID : CVE-2025-54740
Published : Aug. 14, 2025, 7:15 p.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Nelson Print My Blog allows Stored XSS. This issue affects Print My Blog: from n/a through 3.27.9.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54746
Published : Aug. 14, 2025, 7:15 p.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cartpauj Shortcode Redirect allows Stored XSS. This issue affects Shortcode Redirect: from n/a through 1.0.02.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54747
Published : Aug. 14, 2025, 7:15 p.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbakery Templatera allows DOM-Based XSS. This issue affects Templatera: from n/a through 2.3.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54749
Published : Aug. 14, 2025, 7:15 p.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetProductGallery allows Stored XSS. This issue affects JetProductGallery: from n/a through 2.2.0.2.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54730 - PARETO Digital Embedder for Google Reviews Missing Authorization Vulnerability
CVE ID : CVE-2025-54730
Published : Aug. 14, 2025, 7:15 p.m. | 1 hour, 28 minutes ago
Description : Missing Authorization vulnerability in PARETO Digital Embedder for Google Reviews allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Embedder for Google Reviews: from n/a through 1.7.3.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54732
Published : Aug. 14, 2025, 7:15 p.m. | 1 hour, 28 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Shahjada WPDM – Premium Packages allows Cross Site Request Forgery. This issue affects WPDM – Premium Packages: from n/a through 6.0.2.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54712
Published : Aug. 14, 2025, 7:15 p.m. | 44 minutes ago
Description : Missing Authorization vulnerability in hashthemes Easy Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Easy Elementor Addons: from n/a through 2.2.7.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54715 - UKR Solution Barcode Scanner with Inventory Order Manager Path Traversal
CVE ID : CVE-2025-54715
Published : Aug. 14, 2025, 7:15 p.m. | 44 minutes ago
Description : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager allows Path Traversal. This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through 1.9.0.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54717
Published : Aug. 14, 2025, 7:15 p.m. | 44 minutes ago
Description : Missing Authorization vulnerability in e-plugins WP Membership allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Membership: from n/a through 1.6.3.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54727 - CreativeMindsSolutions CM On Demand Search And Replace Stored Cross-site Scripting
CVE ID : CVE-2025-54727
Published : Aug. 14, 2025, 7:15 p.m. | 44 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM On Demand Search And Replace allows Stored XSS. This issue affects CM On Demand Search And Replace: from n/a through 1.5.2.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54728 - CreativeMindsSolutions CM On Demand Search And Replace CSRF Vulnerability
CVE ID : CVE-2025-54728
Published : Aug. 14, 2025, 7:15 p.m. | 44 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace allows Cross Site Request Forgery. This issue affects CM On Demand Search And Replace: from n/a through 1.5.2.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54729
Published : Aug. 14, 2025, 7:15 p.m. | 44 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webba Appointment Booking Webba Booking allows Stored XSS. This issue affects Webba Booking: from n/a through 6.0.5.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-43687
Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago
Description : An issue was discovered in Malwarebytes before 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). There is a Race condition that leads to code execution because of a lack of locks between file verification and execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-37945
Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.5.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21110 - Dell Data Lakehouse Privilege Escalation Vulnerability
CVE ID : CVE-2025-21110
Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago
Description : Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51986
Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago
Description : An issue was discovered in the demo/LINUXTCP implementation of cwalter-at freemodbus v.2018-09-12 allowing attackers to reach an infinite loop via a crafted length value for a packet.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52335 - EyouCMS Cross Site Scripting (XSS)
CVE ID : CVE-2025-52335
Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago
Description : EyouCMS 1.7.3 is vulnerale to Cross Site Scripting (XSS) in index.php, which can be exploited to obtain sensitive information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8972 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8972
Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago
Description : A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8973 - SourceCodester Cashier Queuing System SQL Injection Vulnerability
CVE ID : CVE-2025-8973
Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago
Description : A vulnerability has been found in SourceCodester Cashier Queuing System 1.0. Affected is an unknown function of the file /Actions.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8974
Published : Aug. 14, 2025, 6:15 p.m. | 28 minutes ago
Description : A vulnerability was determined in linlinjava litemall up to 1.8.0. Affected by this issue is some unknown functionality of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/util/JwtHelper.java of the component JSON Web Token Handler. The manipulation of the argument SECRET with the input X-Litemall-Token leads to hard-coded credentials. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20254 - Cisco Secure Firewall ASA/FTD IKEv2 Packet Parsing Denial of Service
CVE ID : CVE-2025-20254
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition.
This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending a continuous stream of crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to partially exhaust system memory, causing system instability like being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20263
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : A vulnerability in the web services interface of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system.
This vulnerability is due to insufficient boundary checks for specific data that is provided to the web services interface of an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected system. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could cause the system to reload, resulting in a denial of service (DoS) condition.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20265
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device.
This vulnerability is due to a lack of proper handling of user input during the authentication phase. An attacker could exploit this vulnerability by sending crafted input when entering credentials that will be authenticated at the configured RADIUS server. A successful exploit could allow the attacker to execute commands at a high privilege level.
Note: For this vulnerability to be exploited, Cisco Secure FMC Software must be configured for RADIUS authentication for the web-based management interface, SSH management, or both.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20268
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : A vulnerability in the Geolocation-Based Remote Access (RA) VPN feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies to allow or deny HTTP connections based on a country or region.
This vulnerability exists because the URL string is not fully parsed. An attacker could exploit this vulnerability by sending a crafted HTTP connection through the targeted device. A successful exploit could allow the attacker to bypass configured policies and gain access to a network where the connection should have been denied.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20301
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to access troubleshoot files for a different domain.
This vulnerability is due to missing authorization checks. An attacker could exploit this vulnerability by directly accessing a troubleshoot file for a different domain that is managed on the same Cisco Secure FMC instance. A successful exploit could allow the attacker to retrieve a troubleshoot file for a different domain, which could allow the attacker to access sensitive information contained in the troubleshoot file.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20302
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to retrieve a generated report from a different domain.
This vulnerability is due to missing authorization checks. An attacker could exploit this vulnerability by directly accessing a generated report file for a different domain that is managed on the same Cisco Secure FMC instance. A successful exploit could allow the attacker to access a previously run report for a different domain, which could allow an attacker to read activity recorded in that domain.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20306
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system.
This vulnerability is due to insufficient input validation of certain HTTP request parameters that are sent to the web-based management interface. An attacker could exploit this vulnerability by authenticating to the interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute commands as the root user on the affected device. To exploit this vulnerability, an attacker would need Administrator-level credentials.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50515
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : An issue was discovered in phome Empirebak 2010 in ebak2008/upload/class/config.php allowing attackers to execute arbitrary code when the config file was loaded.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50817
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded, it automatically imports test.py, if present in the same directory or in the sys.path. This behavior can be exploited by an attacker who has the ability to write files to the server, allowing the execution of arbitrary code.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55192
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : HomeAssistant-Tapo-Control offers Control for Tapo cameras as a Home Assistant component. Prior to commit 2a3b80f, there is a code injection vulnerability in the GitHub Actions workflow .github/workflows/issues.yml. It does not affect users of the Home Assistant integration itself — it only impacts the GitHub Actions environment for this repository. The vulnerable workflow directly inserted user-controlled content from the issue body (github.event.issue.body) into a Bash conditional without proper sanitization. A malicious GitHub user could craft an issue body that executes arbitrary commands on the GitHub Actions runner in a privileged context whenever an issue is opened. The potential impact is limited to the repository’s CI/CD environment, which could allow access to repository contents or GitHub Actions secrets. This issue has been patched via commit 2a3b80f. Workarounds involve disabling the affected workflow (issues.yml), replacing the unsafe Bash comparison with a safe quoted grep (or a pure GitHub Actions expression check), or ensuring minimal permissions in workflows (permissions: block) to reduce possible impact.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55195 - Deno Standard Library Prototype Pollution
CVE ID : CVE-2025-55195
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : @std/toml is the Deno Standard Library. Prior to version 1.0.9, an attacker can pollute the prototype chain in Node.js runtime and Browser when parsing untrusted TOML data, thus achieving Prototype Pollution (PP) vulnerability. This is because the library is merging an untrusted object with an empty object, which by default the empty object has the prototype chain. This issue has been patched in version 1.0.9.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8968 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8968
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/disapprove_user.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8969 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8969
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/approve_user.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8970 - iSourcecode Online Tour and Travel Management System SQL Injection
CVE ID : CVE-2025-8970
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This affects an unknown part of the file /admin/operations/booking.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8971 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8971
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. This vulnerability affects unknown code of the file /admin/operations/travellers.php. The manipulation of the argument val-username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9039
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : We identified an issue in the Amazon ECS agent where, under certain conditions, an introspection server could be accessed off-host by another instance if the instances are in the same security group or if their security groups allow incoming connections that include the port where the server is hosted. This issue does not affect instances where the option to allow off-host access to the introspection server is set to 'false'.
This issue has been addressed in ECS agent version 1.97.1. We recommend upgrading to the latest version and ensuring any forked or derivative code is patched to incorporate the new fixes.
If customers cannot update to the latest AMI, they can modify the Amazon EC2 security groups to restrict incoming access to the introspection server port (51678).
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9043
Published : Aug. 14, 2025, 5:15 p.m. | 1 hour, 28 minutes ago
Description : The service executable path in Seagate Toolkit on Versions prior to 2.34.0.33 on Windows allows an attacker with Admin privileges to exploit a vulnerability as classified under CWE-428: Unquoted Search Path or Element. An attacker with write permissions to the root could place a malicious Program.exe file, which would execute with SYSTEM privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20237
Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago
Description : A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability is due to insufficient input validation of commands that are supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input for specific commands. A successful exploit could allow the attacker to execute commands on the underlying operating system as root.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20238
Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago
Description : A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability is due to insufficient input validation of commands that are supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input for specific commands. A successful exploit could allow the attacker to execute commands on the underlying operating system as root.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20239
Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago
Description : A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition.
This vulnerability is due to a lack of proper processing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. In the case of Cisco IOS and IOS XE Software, a successful exploit could allow the attacker to cause the device to reload unexpectedly. In the case of Cisco ASA and FTD Software, a successful exploit could allow the attacker to partially exhaust system memory, causing system instability such as being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20243 - Cisco Secure Firewall ASA/FTD Unauthenticated Remote DoS Vulnerability
CVE ID : CVE-2025-20243
Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago
Description : A vulnerability in the management and VPN web servers of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a DoS condition.
This vulnerability is due to improper validation of user-supplied input on an interface with VPN web services. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on an affected device. A successful exploit could allow the attacker to cause a DoS condition when the device reloads.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20244 - Cisco Secure Firewall Adaptive Security Appliance/Threat Defense SSL VPN HTTP Header Field Denial of Service (DoS) Vulnerability
CVE ID : CVE-2025-20244
Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago
Description : A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow a remote attacker that is authenticated as a VPN user to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.
This vulnerability is due to incomplete error checking when parsing an HTTP header field value. An attacker could exploit this vulnerability by sending a crafted HTTP request to a targeted Remote Access SSL VPN service on an affected device. A successful exploit could allow the attacker to cause a DoS condition, which would cause the affected device to reload.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20251
Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago
Description : A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to create or delete arbitrary files on the underlying operating system. If critical system files are manipulated, new Remote Access SSL VPN sessions could be denied and existing sessions could be dropped, causing a denial of service (DoS) condition. An exploited device requires a manual reboot to recover.
This vulnerability is due to insufficient input validation when processing HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to create or delete files on the underlying operating system, which could cause the Remote Access SSL VPN service to become unresponsive.
To exploit this vulnerability, the attacker must be authenticated as a VPN user of the affected device.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20252 - Cisco Secure Firewall Adaptive Security Appliance IKEv2 Memory Leak Denial of Service
CVE ID : CVE-2025-20252
Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago
Description : A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition.
This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending a continuous stream of crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to partially exhaust system memory, causing system instability like being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20253
Published : Aug. 14, 2025, 5:15 p.m. | 40 minutes ago
Description : A vulnerability in the IKEv2 feature of Cisco IOS Software, IOS XE Software, Secure Firewall ASA Software, and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a DoS condition.
This vulnerability is due to the improper processing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to cause an infinite loop that exhausts resources and could cause the device to reload.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-43694 - Malwarebytes Out-Of-Bounds Read Denial Of Service
CVE ID : CVE-2023-43694
Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago
Description : An issue was discovered in Malwarebytes 4.6.14.326 and before and 5.1.5.116 and before (and Nebula 2020-10-21 and later). An Out of bounds read in several disassembling utilities causes stability issues and denial of service.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-33142 - IBM WebSphere Application Server TLS Weak Security
CVE ID : CVE-2025-33142
Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago
Description : IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for TLS connections.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36047 - IBM WebSphere Application Server Liberty Denial of Service
CVE ID : CVE-2025-36047
Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago
Description : IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50518
Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago
Description : A use-after-free vulnerability exists in the coap_delete_pdu_lkd function within coap_pdu.c of the libcoap library. This issue occurs due to improper handling of memory after the freeing of a PDU object, leading to potential memory corruption or the possibility of executing arbitrary code.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53631
Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago
Description : flaskBlog is a blog app built with Flask. In versions 2.8.1 and prior, improper sanitization of postContent when submitting POST requests to /createpost leads to arbitrary JavaScript execution (XSS) on all pages the post is reflected on including /, /post/[ID], /admin/posts, and /user/[ID] of the user that made the post. At time of publication, there are no public patches available.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54389
Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago
Description : AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and/or tamper with the log output. A local user might exploit this to bypass the AIDE detection of malicious files. Additionally the output of extended attribute key names and symbolic links targets are also not properly neutralized. This issue has been patched in version 0.19.2. A workaround involves configuring AIDE to write the report output to a regular file, redirecting stdout to a regular file, or redirecting the log output written to stderr to a regular file.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54409
Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago
Description : AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a key containing a comma. A local user might exploit this to cause a local denial of service. This issue has been patched in version 0.19.2. A workaround involves removing xattrs group from rules matching files on affected file systems.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54867
Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago
Description : Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. This issue has been patched in version 0.5.5.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8965
Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago
Description : A vulnerability has been found in linlinjava litemall up to 1.8.0. This vulnerability affects the function create of the file litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java of the component Endpoint. The manipulation of the argument File leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8966 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8966
Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago
Description : A vulnerability was found in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/tax.php. The manipulation of the argument tname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8967 - iSourcecode Online Tour and Travel Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8967
Published : Aug. 14, 2025, 4:15 p.m. | 49 minutes ago
Description : A vulnerability was determined in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/operations/packages.php. The manipulation of the argument pname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-36612
Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago
Description : SupportAssist for Business PCs, version(s) 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-36613
Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago
Description : SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access.
Severity: 2.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38738
Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago
Description : SupportAssist for Home PCs Installer exe version(s) 4.8.2.29006 and prior, contain(s) an Incorrect Privilege Assignment vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38745 - Dell OpenManage Enterprise Log Insertion Information Exposure
CVE ID : CVE-2025-38745
Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago
Description : Dell OpenManage Enterprise, versions 3.10, 4.0, 4.1, and 4.2, contains an Insertion of Sensitive Information into Log File vulnerability in the Backup and Restore. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40758
Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago
Description : A vulnerability has been identified in Mendix SAML (Mendix 10.12 compatible) (All versions < V4.0.3), Mendix SAML (Mendix 10.21 compatible) (All versions < V4.1.2), Mendix SAML (Mendix 9.24 compatible) (All versions < V3.6.21). Affected versions of the module insufficiently enforce signature validation and binding checks. This could allow unauthenticated remote attackers to hijack an account in specific SSO configurations.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43983 - KuWFi CPF908-CP5 WEB LCD Device Authentication Bypass and Command Injection
CVE ID : CVE-2025-43983
Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago
Description : KuWFi CPF908-CP5 WEB5.0_LCD_20210125 devices have multiple unauthenticated access control vulnerabilities within goform/goform_set_cmd_process and goform/goform_get_cmd_process. These allow an unauthenticated attacker to retrieve sensitive information (including the device admin username and password), modify critical device settings, and send arbitrary SMS messages.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7971
Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago
Description : A security issues exists within Studio 5000 Logix Designer due to unsafe handling of environment variables. If the specified path lacks a valid file, Logix Designer crashes; However, it may be possible to execute malicious code without triggering a crash.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7972
Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago
Description : A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8875 - N-able N-central Deserialization of Untrusted Data Remote Code Execution Vulnerability
CVE ID : CVE-2025-8875
Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago
Description : Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-central: before 2025.3.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8876 - N-able N-central OS Command Injection
CVE ID : CVE-2025-8876
Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago
Description : Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8962 - Hostel Management System Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-8962
Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago
Description : A vulnerability was found in code-projects Hostel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file hostel_manage.exe of the component Login Form. The manipulation of the argument uname leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8964 - Code-Projects Hostel Management System Local Authentication Bypass
CVE ID : CVE-2025-8964
Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago
Description : A vulnerability was identified in code-projects Hostel Management System 1.0. This affects an unknown part of the file hostel_manage.exe of the component Login. The manipulation leads to improper authentication. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9041 - " Schneider Electric 5094-IF8 CIP Class 32 Inhibition Module Fault Vulnerability"
CVE ID : CVE-2025-9041
Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago
Description : A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault (Code 16#0010), and the module cannot recover without a power cycle.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-9042 - " Schneider Electric 5094-IY8 CIP Class 32 Module Inhibition Vulnerability"
CVE ID : CVE-2025-9042
Published : Aug. 14, 2025, 3:15 p.m. | 1 hour, 49 minutes ago
Description : A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IY8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault (Code 16#0010), and the module cannot recover without a power cycle.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-26484 - Dell CloudLink XML External Entity Reference Denial of Service Vulnerability
CVE ID : CVE-2025-26484
Published : Aug. 14, 2025, 3:15 p.m. | 26 minutes ago
Description : Dell CloudLink, versions 8.0 through 8.1.1, contains an Improper Restriction of XML External Entity Reference vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27845 - ESPEC North America Web Controller Authentication Bypass
CVE ID : CVE-2025-27845
Published : Aug. 14, 2025, 3:15 p.m. | 26 minutes ago
Description : In ESPEC North America Web Controller 3 before 3.3.4, /api/v4/auth/ with any invalid authentication request results in exposing a JWT secret. This allows for elevated permissions to the UI.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27846 - ESPEC North America Web Controller Bootloader Privilege Escalation
CVE ID : CVE-2025-27846
Published : Aug. 14, 2025, 3:15 p.m. | 26 minutes ago
Description : In ESPEC North America Web Controller 3 before 3.3.8, an attacker with physical access can gain elevated privileges because GRUB and the BIOS are unprotected.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27847 - ESPEC North America Web Controller Authentication Privilege Escalation
CVE ID : CVE-2025-27847
Published : Aug. 14, 2025, 3:15 p.m. | 26 minutes ago
Description : In ESPEC North America Web Controller 3 before 3.3.8, /api/v4/auth/ users session privileges are not revoked on logout.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-53945
Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago
Description : The KuWFi 4G AC900 LTE router 1.0.13 is vulnerable to command injection on the HTTP API endpoints /goform/formMultiApnSetting and /goform/atCmd. An authenticated attacker can execute arbitrary OS commands with root privileges via shell metacharacters in parameters such as pincode and cmds. Exploitation can lead to full system compromise, including enabling remote access (e.g., enabling telnet).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-53946
Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago
Description : The KuWFi 4G LTE AC900 router 1.0.13 is vulnerable to Cross-Site Request Forgery (CSRF) on its web management interface. This vulnerability allows an attacker to trick an authenticated admin user into performing unauthorized actions, such as exploiting a command injection vulnerability in /goform/formMultiApnSetting. Successful exploitation can also lead to unauthorized configuration changes.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-36581
Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago
Description : Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.
Severity: 3.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43984
Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago
Description : An issue was discovered on KuWFi GC111 devices (Hardware Version: CPE-LM321_V3.2, Software Version: GC111-GL-LM321_V3.0_20191211). They are vulnerable to unauthenticated /goform/goform_set_cmd_process requests. A crafted POST request, using the SSID parameter, allows remote attackers to execute arbitrary OS commands with root privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55672
Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago
Description : A stored Cross-Site Scripting (XSS) vulnerability exists in Apache Superset's chart visualization. An authenticated user with permissions to edit charts can inject a malicious payload into a column's label. The payload is not properly sanitized and gets executed in the victim's browser when they hover over the chart, potentially leading to session hijacking or the execution of arbitrary commands on behalf of the user.
This issue affects Apache Superset: before 5.0.0.
Users are recommended to upgrade to version 5.0.0, which fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55673
Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago
Description : When a guest user accesses a chart in Apache Superset, the API response from the /chart/data endpoint includes a query field in its payload. This field contains the underlying query, which improperly discloses database schema information, such as table names, to the low-privileged guest user.
This issue affects Apache Superset: before 4.1.3.
Users are recommended to upgrade to version 4.1.3, which fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55674 - Apache Superset SQL Function Bypass Vulnerability
CVE ID : CVE-2025-55674
Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago
Description : A bypass of the DISALLOWED_SQL_FUNCTIONS security feature in Apache Superset allows for the execution of blocked SQL functions. An attacker can use a special inline block to circumvent the denylist. This allows a user with SQL Lab access to execute functions that were intended to be disabled, leading to the disclosure of sensitive database information like the software version.
This issue affects Apache Superset: before 5.0.0.
Users are recommended to upgrade to version 5.0.0, which fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55675
Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago
Description : Apache Superset contains an improper access control vulnerability in its /explore endpoint. A missing authorization check allows an authenticated user to discover metadata about datasources they do not have permission to access. By iterating through the datasource_id in the URL, an attacker can enumerate and confirm the existence and names of protected datasources, leading to sensitive information disclosure.
This issue affects Apache Superset: before 5.0.0.
Users are recommended to upgrade to version 5.0.0, which fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7353
Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago
Description : A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7773 - "Fortinet 5032 Web Server Predictable Session ID"
CVE ID : CVE-2025-7773
Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago
Description : A security issue exists within the 5032 16pt Digital Configurable module’s web server. The web server’s session number increments at an interval that correlates to the last two consecutive sign in session interval, making it predictable.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7774
Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago
Description : A security issue exists within the 5032 16pt Digital Configurable module’s web server. Intercepted session credentials can be used within a 3-minute timeout window, allowing unauthorized users to perform privileged actions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7973
Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago
Description : A security issue exists in FactoryTalk ViewPoint version 14.0 or below due to improper handling of MSI repair operations. During a repair, attackers can hijack the cscript.exe console window, which runs with SYSTEM privileges. This can be exploited to spawn an elevated command prompt, enabling full privilege escalation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-9036
Published : Aug. 14, 2025, 2:15 p.m. | 49 minutes ago
Description : A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcasted over a WebSocket and can be intercepted by any local client listening on the connection.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-5342
Published : Aug. 14, 2025, 1:15 p.m. | 1 hour, 49 minutes ago
Description : Rejected reason: The original vulnerability was not valid.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8713 - PostgreSQL View and Row Security Statistics Information Disclosure
CVE ID : CVE-2025-8713
Published : Aug. 14, 2025, 1:15 p.m. | 1 hour, 49 minutes ago
Description : PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this data is consulted during the query planning process. Prior to this release, a user could craft a leaky operator that bypassed view access control lists (ACLs) and bypassed row security policies in partitioning or table inheritance hierarchies. Reachable statistics data notably included histograms and most-common-values lists. CVE-2017-7484 and CVE-2019-10130 intended to close this class of vulnerability, but this gap remained. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8714
Published : Aug. 14, 2025, 1:15 p.m. | 1 hour, 49 minutes ago
Description : Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8715
Published : Aug. 14, 2025, 1:15 p.m. | 1 hour, 49 minutes ago
Description : Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks can achieve SQL injection as a superuser of the restore target server. pg_dumpall, pg_restore, and pg_upgrade are also affected. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. Versions before 11.20 are unaffected. CVE-2012-0868 had fixed this class of problem, but version 11.20 reintroduced it.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8961
Published : Aug. 14, 2025, 1:15 p.m. | 1 hour, 49 minutes ago
Description : A vulnerability was identified in LibTIFF 4.7.0. This issue affects the function May of the file tiffcrop.c of the component tiffcrop. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8963
Published : Aug. 14, 2025, 1:15 p.m. | 1 hour, 49 minutes ago
Description : A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Affected by this issue is some unknown functionality of the file /drag/onlDragDataSource/testConnection of the component Data Large Screen Template. The manipulation leads to deserialization. The attack may be launched remotely. The vendor response to the GitHub issue report is: "Modified, next version updated".
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8960
Published : Aug. 14, 2025, 12:15 p.m. | 2 hours, 49 minutes ago
Description : A vulnerability has been found in Campcodes Online Flight Booking Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/save_airlines.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54705
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 49 minutes ago
Description : Missing Authorization vulnerability in magepeopleteam WpEvently allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpEvently: from n/a through 4.4.6.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54706 - Noor Alam Magical Posts Display Cross-site Scripting (XSS)
CVE ID : CVE-2025-54706
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 49 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor Alam Magical Posts Display allows DOM-Based XSS. This issue affects Magical Posts Display: from n/a through 1.2.52.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54707
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 49 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 MDTF allows SQL Injection. This issue affects MDTF: from n/a through 1.3.3.7.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8957 - Campcodes Online Flight Booking Management System SQL Injection
CVE ID : CVE-2025-8957
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 49 minutes ago
Description : A vulnerability was determined in Campcodes Online Flight Booking Management System 1.0. Affected is an unknown function of the file /flights.php. The manipulation of the argument departure_airport_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8958
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 49 minutes ago
Description : A vulnerability was identified in Tenda TX3 16.03.13.11_multi_TDE01. Affected by this vulnerability is an unknown functionality of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54692 - WP Swings Membership For WooCommerce Missing Authorization Vulnerability
CVE ID : CVE-2025-54692
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago
Description : Missing Authorization vulnerability in WP Swings Membership For WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Membership For WooCommerce: from n/a through 2.9.0.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54693 - Epiphyt Form Block Unrestricted File Upload Vulnerability
CVE ID : CVE-2025-54693
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago
Description : Unrestricted Upload of File with Dangerous Type vulnerability in epiphyt Form Block allows Upload a Web Shell to a Web Server. This issue affects Form Block: from n/a through 1.5.5.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54694
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in bPlugins Button Block allows Cross Site Request Forgery. This issue affects Button Block: from n/a through 1.2.0.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54695 - HasTech HT Mega Missing Authorization Vulnerability
CVE ID : CVE-2025-54695
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago
Description : Missing Authorization vulnerability in HasTech HT Mega allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HT Mega: from n/a through 2.9.0.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54696
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFunnels WPFunnels allows Stored XSS. This issue affects WPFunnels: from n/a through 3.5.26.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54697
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago
Description : Incorrect Privilege Assignment vulnerability in Ben Ritner - Kadence WP Kadence WooCommerce Email Designer allows Privilege Escalation. This issue affects Kadence WooCommerce Email Designer: from n/a through 1.5.16.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54698
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago
Description : Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in RadiusTheme Classified Listing allows Code Injection. This issue affects Classified Listing: from n/a through 5.0.0.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54699
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in masteriyo Masteriyo - LMS allows Stored XSS. This issue affects Masteriyo - LMS: from n/a through 1.18.3.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54700
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Makeaholic allows PHP Local File Inclusion. This issue affects Makeaholic: from n/a through 1.8.4.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54701
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Unicamp allows PHP Local File Inclusion. This issue affects Unicamp: from n/a through 2.6.3.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54702 - Motov.net Ebook Store CSRF Vulnerability
CVE ID : CVE-2025-54702
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in motov.net Ebook Store allows Cross Site Request Forgery. This issue affects Ebook Store: from n/a through 5.8013.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54703 - Prince Integrate Google Drive CSRF
CVE ID : CVE-2025-54703
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Prince Integrate Google Drive allows Cross Site Request Forgery. This issue affects Integrate Google Drive: from n/a through 1.5.2.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54704
Published : Aug. 14, 2025, 11:15 a.m. | 3 hours, 1 minute ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hashthemes Easy Elementor Addons allows DOM-Based XSS. This issue affects Easy Elementor Addons: from n/a through 2.2.6.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54686
Published : Aug. 14, 2025, 11:15 a.m. | 1 hour, 26 minutes ago
Description : Deserialization of Untrusted Data vulnerability in scriptsbundle Exertio allows Object Injection. This issue affects Exertio: from n/a through 1.3.2.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54687
Published : Aug. 14, 2025, 11:15 a.m. | 1 hour, 26 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetTabs allows DOM-Based XSS. This issue affects JetTabs: from n/a through 2.2.9.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54688
Published : Aug. 14, 2025, 11:15 a.m. | 1 hour, 26 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetEngine allows Stored XSS. This issue affects JetEngine: from n/a through 3.7.1.2.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54689
Published : Aug. 14, 2025, 11:15 a.m. | 1 hour, 26 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Urna allows PHP Local File Inclusion. This issue affects Urna: from n/a through 2.5.7.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54690
Published : Aug. 14, 2025, 11:15 a.m. | 1 hour, 26 minutes ago
Description : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themeStek Xinterio allows PHP Local File Inclusion. This issue affects Xinterio: from n/a through 4.2.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54691
Published : Aug. 14, 2025, 11:15 a.m. | 1 hour, 26 minutes ago
Description : Authorization Bypass Through User-Controlled Key vulnerability in Stylemix Motors allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Motors: from n/a through 1.4.80.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54685 - Brainstorm Force SureDash Information Disclosure Vulnerability
CVE ID : CVE-2025-54685
Published : Aug. 14, 2025, 11:15 a.m. | 1 hour, 1 minute ago
Description : Insertion of Sensitive Information Into Sent Data vulnerability in Brainstorm Force SureDash allows Retrieve Embedded Sensitive Data. This issue affects SureDash: from n/a through 1.1.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-48860 - "CtrlX OS Backup Archive Privilege Escalation"
CVE ID : CVE-2025-48860
Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago
Description : A vulnerability in the web application of the ctrlX OS setup mechanism facilitated an authenticated (low privileged) attacker to gain remote access to backup archives created by a user with elevated permissions. Depending on the content of the backup archive, the attacker may have been able to access sensitive data.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-48861 - CtrlX OS Task API Remote Information Disclosure
CVE ID : CVE-2025-48861
Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago
Description : A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs and the version of installed apps.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-48862 - CtrlX OS Unencrypted Backup File Exposure
CVE ID : CVE-2025-48862
Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago
Description : Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a password is set. However, only the private key - if available in the backup - is encrypted, while the backup file itself remains unencrypted.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54472 - Apache bRPC Redis Protocol Parser Integer Overflow Denial of Service
CVE ID : CVE-2025-54472
Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago
Description : Unlimited memory allocation in redis protocol parser in Apache bRPC (all versions < 1.14.1) on all platforms allows attackers to crash the service via network.
Root Cause: In the bRPC Redis protocol parser code, memory for arrays or strings of corresponding sizes is allocated based on the integers read from the network. If the integer read from the network is too large, it may cause a bad alloc error and lead to the program crashing. Attackers can exploit this feature by sending special data packets to the bRPC service to carry out a denial-of-service attack on it.
The bRPC 1.14.0 version tried to fix this issue by limited the memory allocation size, however, the limitation checking code is not well implemented that may cause integer overflow and evade such limitation. So the 1.14.0 version is also vulnerable, although the integer range that affect version 1.14.0 is different from that affect version < 1.14.0.
Affected scenarios: Using bRPC as a Redis server to provide network services to untrusted clients, or using bRPC as a Redis client to call untrusted Redis services.
How to Fix: we provide two methods, you can choose one of them:
1. Upgrade bRPC to version 1.14.1.
2. Apply this patch ( https://github.com/apache/brpc/pull/3050 ) manually.
No matter you choose which method, you should note that the patch limits the maximum length of memory allocated for each time in the bRPC Redis parser. The default limit is 64M. If some of you redis request or response have a size larger than 64M, you might encounter error after upgrade. For such case, you can modify the gflag redis_max_allocation_size to set a larger limit.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5998 - WordPress PPWP Password Authorization Information Disclosure
CVE ID : CVE-2025-5998
Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago
Description : The PPWP – Password Protect Pages WordPress plugin before version 1.9.11 allows to put the site content behind a password authorization, however users with subscriber or greater roles can view content via the REST API.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8952
Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago
Description : A vulnerability was found in Campcodes Online Flight Booking Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8953
Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago
Description : A vulnerability was determined in SourceCodester COVID 19 Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /check_availability.php. The manipulation of the argument employeeid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8954 - PHPGurukul Hospital Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8954
Published : Aug. 14, 2025, 9:15 a.m. | 1 hour, 9 minutes ago
Description : A vulnerability was identified in PHPGurukul Hospital Management System 4.0. This affects an unknown part of the file /admin/doctor-specilization.php. The manipulation of the argument doctorspecilization leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27388 - Apple Safari DOM-Based Cross-Site Scripting (XSS)
CVE ID : CVE-2025-27388
Published : Aug. 14, 2025, 8:15 a.m. | 2 hours, 9 minutes ago
Description : Loading arbitrary external URLs through WebView components introduces malicious JS code that can steal arbitrary user tokens.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8950 - Campcodes Online Recruitment Management System SQL Injection
CVE ID : CVE-2025-8950
Published : Aug. 14, 2025, 8:15 a.m. | 2 hours, 9 minutes ago
Description : A vulnerability was identified in Campcodes Online Recruitment Management System 1.0. This issue affects some unknown processing of the file /Recruitment/index.php?page=view_vacancy. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8951 - PHPGurukul Teachers Record Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8951
Published : Aug. 14, 2025, 8:15 a.m. | 2 hours, 9 minutes ago
Description : A vulnerability has been found in PHPGurukul Teachers Record Management System 2.1. Affected is an unknown function of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8947 - Projectworlds Visitor Management System SQL Injection
CVE ID : CVE-2025-8947
Published : Aug. 14, 2025, 7:15 a.m. | 3 hours, 9 minutes ago
Description : A vulnerability was found in projectworlds Visitor Management System 1.0. This issue affects some unknown processing of the file /query_data.php. The manipulation of the argument dateF/dateP leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8948 - Projectworlds Visitor Management System SQL Injection
CVE ID : CVE-2025-8948
Published : Aug. 14, 2025, 7:15 a.m. | 3 hours, 9 minutes ago
Description : A vulnerability was determined in projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /front.php. The manipulation of the argument rid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8949
Published : Aug. 14, 2025, 7:15 a.m. | 3 hours, 9 minutes ago
Description : A vulnerability was identified in D-Link DIR-825 2.10. Affected by this vulnerability is the function get_ping_app_stat of the file ping_response.cgi of the component httpd. The manipulation of the argument ping_ipaddr leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3414
Published : Aug. 14, 2025, 6:15 a.m. | 4 hours, 9 minutes ago
Description : The Structured Content (JSON-LD) #wpsc WordPress plugin before 1.7.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6790 - Quiz and Survey Master WordPress CSRF Vulnerability
CVE ID : CVE-2025-6790
Published : Aug. 14, 2025, 6:15 a.m. | 4 hours, 9 minutes ago
Description : The Quiz and Survey Master (QSM) WordPress plugin before 10.2.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7808
Published : Aug. 14, 2025, 6:15 a.m. | 4 hours, 9 minutes ago
Description : The WP Shopify WordPress plugin before 1.5.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8046
Published : Aug. 14, 2025, 6:15 a.m. | 4 hours, 9 minutes ago
Description : The Injection Guard WordPress plugin before 1.2.8 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8939 - Tenda AC20 Buffer Overflow in WifiGuestSet
CVE ID : CVE-2025-8939
Published : Aug. 14, 2025, 6:15 a.m. | 4 hours, 9 minutes ago
Description : A vulnerability was determined in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/WifiGuestSet. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8940
Published : Aug. 14, 2025, 6:15 a.m. | 4 hours, 9 minutes ago
Description : A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this vulnerability is the function strcpy of the file /goform/saveParentControlInfo. The manipulation of the argument Time leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8946
Published : Aug. 14, 2025, 6:15 a.m. | 4 hours, 9 minutes ago
Description : A vulnerability has been found in projectworlds Online Notes Sharing Platform 1.0. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument User leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5942 - Netskope NS Client Windows Heap Overflow Denial-of-Service
CVE ID : CVE-2025-5942
Published : Aug. 14, 2025, 5:15 a.m. | 5 hours, 9 minutes ago
Description : Netskope was notified about a potential gap in its agent (NS Client) on Windows systems. If this gap is successfully exploited, an unprivileged user can trigger a heap overflow in the epdlpdrv.sys driver, leading to a Blue-Screen-of-Death (BSOD). Successful exploitation can also potentially be performed by an unprivileged user whose NS Client is configured to use Endpoint DLP. A successful exploit can result in a denial-of-service for the local machine.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8936 - "1000 Projects Sales Management System SQL Injection"
CVE ID : CVE-2025-8936
Published : Aug. 14, 2025, 5:15 a.m. | 5 hours, 9 minutes ago
Description : A vulnerability was determined in 1000 Projects Sales Management System 1.0. Affected by this issue is some unknown functionality of the file /superstore/dist/dordupdate.php. The manipulation of the argument select2 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8937
Published : Aug. 14, 2025, 5:15 a.m. | 5 hours, 9 minutes ago
Description : A vulnerability has been found in TOTOLINK N350R 1.2.3-B20130826. This vulnerability affects unknown code of the file /boafrm/formSysCmd. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8938 - TOTOLINK N350R Telnet Service Remote Backdoor Vulnerability
CVE ID : CVE-2025-8938
Published : Aug. 14, 2025, 5:15 a.m. | 5 hours, 9 minutes ago
Description : A vulnerability was found in TOTOLINK N350R 1.2.3-B20130826. This issue affects the function formSysTel of the file /boafrm/formSysTel of the component Telnet Service. The manipulation of the argument TelEnabled leads to backdoor. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-7402
Published : Aug. 14, 2025, 5:15 a.m. | 3 hours, 26 minutes ago
Description : Netskope has identified a potential gap in its agent (Netskope Client) in which a malicious insider can potentially tamper the Netskope Client configuration by performing MITM (Man-in-the-Middle) activity on the Netskope Client communication channel. A successful exploitation would require administrative privileges on the machine, and could result in temporarily altering the configuration of Netskope Client or permanently disabling or removing the agent from the machine.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-0309
Published : Aug. 14, 2025, 5:15 a.m. | 3 hours, 26 minutes ago
Description : An insufficient validation on the server connection endpoint in Netskope Client allows local users to elevate privileges on the system. The insufficient validation allows Netskope Client to connect to any other server with Public Signed CA TLS certificates and send specially crafted responses to elevate privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5941 - Netskope NS Client DNS Memory Leak
CVE ID : CVE-2025-5941
Published : Aug. 14, 2025, 5:15 a.m. | 3 hours, 26 minutes ago
Description : Netskope is notified about a potential gap in its agent (NS Client) in which a malicious actor could trigger a memory leak by sending a crafted DNS packet to a machine. A successful exploitation may require administrative privileges on the machine, based on the exact configuration. A successful exploit can potentially result in user-controllable memory being leaked in a domain name stored on the local machine.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8934 - "1000 Projects Sales Management System Cross-Site Scripting Vulnerability"
CVE ID : CVE-2025-8934
Published : Aug. 14, 2025, 4:16 a.m. | 4 hours, 26 minutes ago
Description : A vulnerability has been found in 1000 Projects Sales Management System 1.0. Affected is an unknown function of the file /sales.php. The manipulation of the argument select2112 leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8935 - "1000 Projects Sales Management System SQL Injection Vulnerability"
CVE ID : CVE-2025-8935
Published : Aug. 14, 2025, 4:16 a.m. | 4 hours, 26 minutes ago
Description : A vulnerability was found in 1000 Projects Sales Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /superstore/custcmp.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8933 - "1000 Projects Sales Management System Cross Site Scripting Vulnerability"
CVE ID : CVE-2025-8933
Published : Aug. 14, 2025, 4:15 a.m. | 4 hours, 26 minutes ago
Description : A vulnerability was identified in 1000 Projects Sales Management System 1.0. This issue affects some unknown processing of the file /superstore/admin/sales.php. The manipulation of the argument ssalescat leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8931 - Code-projects Medical Store Management System SQL Injection
CVE ID : CVE-2025-8931
Published : Aug. 14, 2025, 3:15 a.m. | 5 hours, 26 minutes ago
Description : A vulnerability was determined in code-projects Medical Store Management System 1.0. Affected is an unknown function of the file ChangePassword.java. The manipulation of the argument newPassTxt leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8932 - "1000 Projects Sales Management System SQL Injection"
CVE ID : CVE-2025-8932
Published : Aug. 14, 2025, 3:15 a.m. | 5 hours, 26 minutes ago
Description : A vulnerability was determined in 1000 Projects Sales Management System 1.0. This vulnerability affects unknown code of the file /superstore/admin/sales.php. The manipulation of the argument ssalescat leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8930 - "Code-projects Medical Store Management System SQL Injection Vulnerability"
CVE ID : CVE-2025-8930
Published : Aug. 14, 2025, 3:15 a.m. | 5 hours, 6 minutes ago
Description : A vulnerability was found in code-projects Medical Store Management System 1.0. This issue affects some unknown processing of the file UpdateCompany.java of the component Update Company Page. The manipulation of the argument companyNameTxt leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55198 - Helm Chart YAML Parsing Type Error Denial of Service
CVE ID : CVE-2025-55198
Published : Aug. 14, 2025, 12:15 a.m. | 8 hours, 7 minutes ago
Description : Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, when parsing Chart.yaml and index.yaml files, an improper validation of type error can lead to a panic. This issue has been resolved in Helm 3.18.5. A workaround involves ensuring YAML files are formatted as Helm expects prior to processing them with Helm.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55199 - Helm Denial of Service (DoS) Vulnerability
CVE ID : CVE-2025-55199
Published : Aug. 14, 2025, 12:15 a.m. | 8 hours, 7 minutes ago
Description : Helm is a package manager for Charts for Kubernetes. Prior to version 3.18.5, it is possible to craft a JSON Schema file in a manner which could cause Helm to use all available memory and have an out of memory (OOM) termination. This issue has been resolved in Helm 3.18.5. A workaround involves ensuring all Helm charts that are being loaded into Helm do not have any reference of $ref pointing to /dev/zero.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55194 - Part-DB Persistent File Extension Denial of Service
CVE ID : CVE-2025-55194
Published : Aug. 13, 2025, 11:15 p.m. | 7 hours, 26 minutes ago
Description : Part-DB is an open source inventory management system for electronic components. Prior to version 1.17.3, any authenticated user can upload a profile picture with a misleading file extension (e.g., .jpg.txt), resulting in a persistent 500 Internal Server Error when attempting to view or edit that user’s profile. This makes the profile permanently inaccessible via the UI for both users and administrators, constituting a Denial of Service (DoS) within the user management interface. This issue has been patched in version 1.17.3.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55196
Published : Aug. 13, 2025, 11:15 p.m. | 7 hours, 26 minutes ago
Description : External Secrets Operator is a Kubernetes operator that integrates external secret management systems. From version 0.15.0 to before 0.19.2, a vulnerability was discovered where the List() calls for Kubernetes Secret and SecretStore resources performed by the PushSecret controller did not apply a namespace selector. This flaw allowed an attacker to use label selectors to list and read secrets/secret-stores across the cluster, bypassing intended namespace restrictions. An attacker with the ability to create or update PushSecret resources and control SecretStore configurations could exploit this vulnerability to exfiltrate sensitive data from arbitrary namespaces. This could lead to full disclosure of Kubernetes secrets, including credentials, tokens, and other sensitive information stored in the cluster. This vulnerability has been patched in version 0.19.2. A workaround for this issue includes auditing and restricting RBAC permissions so that only trusted service accounts can create or update PushSecret and SecretStore resources.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55197 - PyPDF FlateDecode Filter Exhaustion Denial of Service
CVE ID : CVE-2025-55197
Published : Aug. 13, 2025, 11:15 p.m. | 7 hours, 26 minutes ago
Description : pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of FlateDecode filters is used on a malicious cross-reference stream. Other content streams are affected on explicit access. This issue has been fixed in 6.0.0. If an update is not possible, a workaround involves including the fixed code from pypdf.filters.decompress into the existing filters file.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55193 - Ruby on Rails ANSI Sequence Injection Vulnerability
CVE ID : CVE-2025-55193
Published : Aug. 13, 2025, 11:15 p.m. | 7 hours, 2 minutes ago
Description : Active Record connects classes to relational database tables. Prior to versions 7.1.5.2, 7.2.2.2, and 8.0.2.1, the ID passed to find or similar methods may be logged without escaping. If this is directly to the terminal it may include unescaped ANSI sequences. This issue has been patched in versions 7.1.5.2, 7.2.2.2, and 8.0.2.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8928 - Code-projects Medical Store Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8928
Published : Aug. 13, 2025, 10:15 p.m. | 8 hours, 2 minutes ago
Description : A vulnerability was identified in code-projects Medical Store Management System 1.0. This affects an unknown part of the file UpdateMedicines.java of the component Update Medicines Page. The manipulation of the argument productNameTxt leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8929 - Code-projects Medical Store Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8929
Published : Aug. 13, 2025, 10:15 p.m. | 8 hours, 1 minute ago
Description : A vulnerability has been found in code-projects Medical Store Management System 1.0. This vulnerability affects unknown code of the file MainPanel.java. The manipulation of the argument searchTxt leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10058 - RabidHamster Web Server Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2012-10058
Published : Aug. 13, 2025, 9:15 p.m. | 9 hours, 1 minute ago
Description : RabidHamster R4 v1.25 contains a stack-based buffer overflow vulnerability due to unsafe use of sprintf() when logging malformed HTTP requests. A remote attacker can exploit this flaw by sending a specially crafted URI, resulting in arbitrary code execution under the context of the web server process.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10059 - Dolibarr ERP/CRM OS Command Injection Vulnerability
CVE ID : CVE-2012-10059
Published : Aug. 13, 2025, 9:15 p.m. | 9 hours, 1 minute ago
Description : Dolibarr ERP/CRM versions <= 3.1.1 and <= 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails to sanitize the sql_compat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote code execution on the server.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10060 - Sysax Multi Server SSH Stack Buffer Overflow
CVE ID : CVE-2012-10060
Published : Aug. 13, 2025, 9:15 p.m. | 9 hours, 1 minute ago
Description : Sysax Multi Server versions prior to 5.55 contains a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code execution under the context of the service.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34154 - UnForm Server Manager Unauthenticated File Read Vulnerability
CVE ID : CVE-2025-34154
Published : Aug. 13, 2025, 9:15 p.m. | 9 hours, 1 minute ago
Description : UnForm Server Manager versions prior to 10.1.12 expose an unauthenticated file read vulnerability via its log file analysis interface. The flaw resides in the arc endpoint, which accepts a fl parameter to specify the log file to be opened. Due to insufficient input validation and lack of path sanitization, attackers can supply relative paths to access arbitrary files on the host system — including sensitive OS-level files — without authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2011-10014 - GTA San Andreas Multiplayer (SA-MP) Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2011-10014
Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago
Description : GTA San Andreas Multiplayer (SA-MP) server version 0.3.1.1 is vulnerable to a stack-based buffer overflow triggered by parsing a malformed server.cfg configuration file. The vulnerability allows local attackers to execute arbitrary code when the server binary (samp-server.exe) processes a crafted echo directive containing excessive input. The original 'sa-mp.com' site is defunct, but the community maintains mirrors and forks that may be vulnerable.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2011-10015 - Cytel Studio Buffer Overflow Vulnerability
CVE ID : CVE-2011-10015
Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago
Description : Cytel Studio version 9.0 and earlier is vulnerable to a stack-based buffer overflow triggered by parsing a malformed .CY3 file. The vulnerability occurs when the application copies user-controlled strings into a fixed-size stack buffer (256 bytes) without proper bounds checking. Exploitation allows arbitrary code execution when the crafted file is opened.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2011-10016
Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago
Description : Real Networks Netzip Classic version 7.5.1.86 is vulnerable to a stack-based buffer overflow when parsing a specially crafted ZIP archive. The vulnerability is triggered when the application attempts to process a file name within the archive that exceeds the expected buffer size. Exploitation allows arbitrary code execution under the context of the victim user when the ZIP file is opened.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2011-10017
Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago
Description : Snort Report versions < 1.3.2 contains a remote command execution vulnerability in the nmap.php and nbtscan.php scripts. These scripts fail to properly sanitize user input passed via the target GET parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no authentication and can result in full compromise of the underlying system.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2011-10018
Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago
Description : myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. This vulnerability was introduced during packaging and was not part of the intended application logic. Exploitation requires no authentication and results in full compromise of the web server under the context of the web application.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2011-10019
Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago
Description : Spreecommerce versions prior to 0.60.2 contains a remote command execution vulnerability in its search functionality. The application fails to properly sanitize input passed via the search[send][] parameter, which is dynamically invoked using Ruby’s send method. This allows attackers to execute arbitrary shell commands on the server without authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10054
Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago
Description : Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via the codeEditorSave.asmx SOAP endpoint, which exposes a SaveDLRScript operation that permits arbitrary file uploads without authentication. By exploiting a path traversal flaw in the fileName parameter, attackers can write malicious ASPX scripts directly into the web-accessible /umbraco/ directory and execute them remotely.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10055 - F-Secure ComSndFTP Format String Vulnerability
CVE ID : CVE-2012-10055
Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago
Description : ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing format specifiers, a remote attacker can overwrite a hardcoded function pointer in memory (specifically WSACleanup from Ws2_32.dll). This allows the attacker to redirect execution flow and bypass DEP protections using a ROP chain, ultimately leading to arbitrary code execution. The vulnerability is exploitable without authentication and affects default configurations.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10056 - Apache Volunteer Management System Remote File Upload Vulnerability
CVE ID : CVE-2012-10056
Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago
Description : PHP Volunteer Management System v1.0.2 contains an arbitrary file upload vulnerability in its document upload functionality. Authenticated users can upload files to the mods/documents/uploads/ directory without any restriction on file type or extension. Because this directory is publicly accessible and lacks execution controls, attackers can upload a malicious PHP payload and execute it remotely. The application ships with default credentials, making exploitation trivial. Once authenticated, the attacker can upload a PHP shell and trigger it via a direct GET request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10057
Published : Aug. 13, 2025, 9:15 p.m. | 7 hours, 7 minutes ago
Description : Lattice Semiconductor ispVM System v18.0.2 contains a buffer overflow vulnerability in its handling of .xcf project files. When parsing the version attribute of the ispXCF XML tag, the application fails to properly validate input length, allowing a specially crafted file to overwrite memory on the stack. This can result in arbitrary code execution under the context of the user who opens the file. The vulnerability is triggered locally by opening a malicious .xcf file and does not require elevated privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2011-10011
Published : Aug. 13, 2025, 9:15 p.m. | 5 hours, 26 minutes ago
Description : WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where unsanitized input in the to parameter of a POST request is written directly into includes/currencies.php. This allows unauthenticated attackers to inject arbitrary PHP code, resulting in persistent remote code execution when the modified script is accessed or included by the application.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2011-10012
Published : Aug. 13, 2025, 9:15 p.m. | 5 hours, 26 minutes ago
Description : NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an attacker to execute arbitrary code when the file is opened.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2011-10013
Published : Aug. 13, 2025, 9:15 p.m. | 5 hours, 26 minutes ago
Description : Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common.php script. The flawed authorization logic fails to halt execution after a failed access check, allowing unauthenticated users to reach admin-only functionality. This can be exploited via plugins.php to inject and execute arbitrary PHP code.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2011-10009
Published : Aug. 13, 2025, 9:15 p.m. | 1 hour, 6 minutes ago
Description : S40 CMS v0.4.2 contains a path traversal vulnerability in its index.php page handler. The p parameter is not properly sanitized, allowing attackers to traverse the file system and access arbitrary files outside the web root. This can be exploited remotely without authentication by appending traversal sequences and a null byte to bypass file extension checks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2011-10010 - QuickShare File Server FTP Path Traversal Vulnerability
CVE ID : CVE-2011-10010
Published : Aug. 13, 2025, 9:15 p.m. | 1 hour, 6 minutes ago
Description : QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the "Writable" option is enabled (default during account creation), this allows attackers to upload arbitrary files to privileged locations such as system32, enabling remote code execution via MOF injection or executable placement.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43982
Published : Aug. 13, 2025, 8:15 p.m. | 2 hours, 6 minutes ago
Description : Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by default. There is a hidden hard-coded root account that cannot be disabled in the GUI.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43986
Published : Aug. 13, 2025, 8:15 p.m. | 2 hours, 6 minutes ago
Description : An issue was discovered on KuWFi GC111 GC111-GL-LM321_V3.0_20191211 devices. The TELNET service is enabled by default and exposed over the WAN interface without authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43988 - KuWFi 5G01-X55 RCE through Unauthenticated API Endpoint
CVE ID : CVE-2025-43988
Published : Aug. 13, 2025, 8:15 p.m. | 2 hours, 6 minutes ago
Description : KuWFi 5G01-X55 FL2020_V0.0.12 devices expose an unauthenticated API endpoint (ajax_get.cgi), allowing remote attackers to retrieve sensitive configuration data, including admin credentials.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8926 - SourceCodester COVID 19 Testing Management System SQL Injection
CVE ID : CVE-2025-8926
Published : Aug. 13, 2025, 8:15 p.m. | 2 hours, 6 minutes ago
Description : A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8927
Published : Aug. 13, 2025, 8:15 p.m. | 2 hours, 6 minutes ago
Description : A vulnerability was determined in mtons mblog up to 3.5.0. Affected by this issue is some unknown functionality of the file /email/send_code of the component Verification Code Handler. The manipulation of the argument email leads to improper restriction of excessive authentication attempts. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8925 - iSourcecode Sports Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8925
Published : Aug. 13, 2025, 7:15 p.m. | 3 hours, 6 minutes ago
Description : A vulnerability has been found in itsourcecode Sports Management System 1.0. Affected is an unknown function of the file /Admin/match.php. The manipulation of the argument code leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43989
Published : Aug. 13, 2025, 7:15 p.m. | 1 hour, 26 minutes ago
Description : The /goform/formJsonAjaxReq POST endpoint of Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices mishandles the set_timesetting action with the ntpserver0 parameter, which is used in a system command. By setting a username=admin cookie (bypassing normal session checks), an unauthenticated attacker can use that parameter to execute arbitrary OS commands.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-45313
Published : Aug. 13, 2025, 7:15 p.m. | 1 hour, 26 minutes ago
Description : A cross-site scripting (XSS) vulnerability in the /tasks endpoint of hortusfox-web v4.4 allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted payload injected into the title parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8922
Published : Aug. 13, 2025, 7:15 p.m. | 1 hour, 26 minutes ago
Description : A vulnerability was found in code-projects Job Diary 1.0. This affects an unknown part of the file /admin-inbox.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8923
Published : Aug. 13, 2025, 7:15 p.m. | 1 hour, 26 minutes ago
Description : A vulnerability was determined in code-projects Job Diary 1.0. This vulnerability affects unknown code of the file /edit-details.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8924 - Campcodes Online Water Billing System SQL Injection
CVE ID : CVE-2025-8924
Published : Aug. 13, 2025, 7:15 p.m. | 1 hour, 26 minutes ago
Description : A vulnerability was identified in Campcodes Online Water Billing System 1.0. This issue affects some unknown processing of the file /viewbill.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50615
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago
Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00470c50 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_mac_filter_set in the payload, which can cause the program to crash and lead to a Denial of Service (DoS) attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50616
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago
Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046f984 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_advanced_set in the payload, which can cause the program to crash and lead to a Denial of Service (DoS) attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50617
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago
Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_0046ed68 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wps_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50946
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago
Description : OS Command Injection in Olivetin 2025.4.22 Custom Themes via the ParseRequestURI function in service/internal/executor/arguments.go.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5819
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 15.7 before 17.11.6, 18.0 before 18.0.4, and 18.1 before 18.1.2 that could have allowed authenticated users with developer access to obtain ID tokens for protected branches under certain circumstances.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6186
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to achieve account takeover by injecting malicious HTML into work item names.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7734
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 14.2 before 18.0.6, 18.1 before 18.1.4 and 18.2 before 18.2.2 that, under certain conditions, could have allowed a successful attacker to execute actions on behalf of users by injecting malicious content.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7739
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 18.2 before 18.2.2 that, under certain conditions, could have allowed authenticated users to achieve stored cross-site scripting by injecting malicious HTML content in scoped label descriptions.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8754 - ABB AbilityTM zenon Missing Authentication for Critical Function
CVE ID : CVE-2025-8754
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago
Description : Missing Authentication for Critical Function vulnerability in ABB ABB AbilityTM zenon.This issue affects ABB AbilityTM zenon: from 7.50 through 14.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8770 - GitLab EE Authentication Bypass Vulnerability
CVE ID : CVE-2025-8770
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago
Description : An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that could have allowed authenticated users with specific access to bypass merge request approval policies by manipulating approval rule identifiers.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8904
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago
Description : Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges.
Users are advised to upgrade to Amazon EMR version 7.5 or higher. For Amazon EMR releases between 6.10 and 7.4, we strongly recommend that you run the bootstrap script and RPM files with the fix provided in the location below.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8919
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago
Description : A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation of the argument código/objetivo habilidade leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8920
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago
Description : A vulnerability was identified in Portabilis i-Diario 1.6. Affected by this vulnerability is an unknown functionality of the file /dicionario-de-termos-bncc of the component Dicionário de Termos BNCC Page. The manipulation of the argument Planos de ensino leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8921
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 26 minutes ago
Description : A vulnerability has been found in code-projects Job Diary 1.0. Affected by this issue is some unknown functionality of the file /user-apply.php. The manipulation of the argument job_title leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2937 - GitLab Markdown Wiki Denial of Service Vulnerability
CVE ID : CVE-2025-2937
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 8 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 13.2 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed authenticated users to create a denial of service condition by sending specially crafted markdown payloads to the Wiki feature.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-45314
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 8 minutes ago
Description : A cross-site scripting (XSS) vulnerability in the /Calendar endpoint of hortusfox-web v4.4 allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted payload injected into the add function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-45315
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 8 minutes ago
Description : A cross-site scripting (XSS) vulnerability in the /controller/admin.php endpoint of hortusfox-web v4.4 allows attackers to execute arbitrary JavaScript in the context of a user's browser via a crafted payload injected into the email parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-45316 - Hortusfox Web TextBlockModule XSS
CVE ID : CVE-2025-45316
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 8 minutes ago
Description : A cross-site scripting (XSS) vulnerability in the TextBlockModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-45317 - Hortusfox-web Zip Slip Vulnerability
CVE ID : CVE-2025-45317
Published : Aug. 13, 2025, 6:15 p.m. | 2 hours, 8 minutes ago
Description : A zip slip vulnerability in the /modules/ImportModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary code via a crafted archive.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23303
Published : Aug. 13, 2025, 6:15 p.m. | 1 hour, 2 minutes ago
Description : NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23304
Published : Aug. 13, 2025, 6:15 p.m. | 1 hour, 2 minutes ago
Description : NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. A successful exploit of this vulnerability may lead to remote code execution and data tampering.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23305
Published : Aug. 13, 2025, 6:15 p.m. | 1 hour, 2 minutes ago
Description : NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an attacker may exploit a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23306
Published : Aug. 13, 2025, 6:15 p.m. | 1 hour, 2 minutes ago
Description : NVIDIA Megatron-LM for all platforms contains a vulnerability in the megatron/training/
arguments.py component where an attacker could cause a code injection issue by providing a malicious input. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2498 - "Gitlab EE Improper Access Control Vulnerability"
CVE ID : CVE-2025-2498
Published : Aug. 13, 2025, 6:15 p.m. | 1 hour, 2 minutes ago
Description : An improper access control in Gitlab EE affecting all versions from 12.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that under certain conditions could have allowed users to view assigned issues from restricted groups by bypassing IP restrictions.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2614 - GitLab CE/EE Resource Exhaustion Denial of Service
CVE ID : CVE-2025-2614
Published : Aug. 13, 2025, 6:15 p.m. | 1 hour, 2 minutes ago
Description : An issue has been discovered in GitLab CE/EE affecting all versions from 11.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that could have allowed an authenticated user to cause a denial of service condition by creating specially crafted content that consumes excessive server resources when processed.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2180
Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago
Description : An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma® Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious terraform file when using Checkov in Prisma® Cloud.
This issue impacts Checkov 3.0 versions earlier than Checkov 3.2.415.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2181
Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago
Description : A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud can result in the cleartext exposure of Prisma Cloud access keys in Checkov's output.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2182
Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago
Description : A problem with the implementation of the MACsec protocol in Palo Alto Networks PAN-OS® results in the cleartext exposure of the connectivity association key (CAK). This issue is only applicable to PA-7500 Series devices which are in an NGFW cluster.
A user who possesses this key can read messages being sent between devices in a NGFW Cluster. There is no impact in non-clustered firewalls or clusters of firewalls that do not enable MACsec.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2183
Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago
Description : An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect™ app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install malicious root certificates on the endpoint and subsequently install malicious software signed by the malicious root certificates on that endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2184
Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago
Description : A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker VM images to share identical default credentials for internal services. Users knowing these default credentials could access internal services on other Broker VM installations.
The attacker must have network access to the Broker VM to exploit this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34153 - Hyland OnBase .NET Remoting RCE via Insecure Deserialization
CVE ID : CVE-2025-34153
Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago
Description : Hyland OnBase versions prior to 17.0.2.87 (other versions may be affected) are vulnerable to unauthenticated remote code execution via insecure deserialization on the .NET Remoting TCP channel. The service registers a listener on port 6031 with the URI endpoint TimerServer, implemented in Hyland.Core.Timers.dll. This endpoint deserializes untrusted input using the .NET BinaryFormatter, allowing attackers to execute arbitrary code under the context of NT AUTHORITY\SYSTEM.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50594 - Danphe Health Hospital Management System EMR Password Reset Vulnerability
CVE ID : CVE-2025-50594
Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago
Description : An issue was discovered in /Code/Websites/DanpheEMR/Controllers/Settings/SecuritySettingsController.cs in Danphe Health Hospital Management System EMR 3.2 allowing attackers to reset any account password.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51451
Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago
Description : In TOTOLINK EX1200T firmware 4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52385
Published : Aug. 13, 2025, 5:15 p.m. | 1 hour, 1 minute ago
Description : An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the child_process module
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50608
Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago
Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00471994 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50609
Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago
Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the Function_00465620 of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of specify_parame in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50610
Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago
Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00476598 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50611
Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago
Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00473154 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set_5g and wl_sec_rp_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50612
Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago
Description : A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_004743f8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set in the payload, which may cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50613
Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago
Description : A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00475e1c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_key_wep in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50614
Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago
Description : A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_0047151c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51452
Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago
Description : In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can bypass login by sending a specific request through formLoginAuth.htm.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8918
Published : Aug. 13, 2025, 4:15 p.m. | 2 hours, 1 minute ago
Description : A vulnerability was found in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /intranet/educar_instituicao_cad.php of the component Editar Page. The manipulation of the argument neighborhood name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51691
Published : Aug. 13, 2025, 3:15 p.m. | 3 hours, 1 minute ago
Description : Cross-Site Scripting (XSS) vulnerability found in MarkTwo commit e3a1d3f90cce4ea9c26efcbbf3a1cbfb9dcdb298 (May 2025) allows a remote attacker to execute arbitrary code via a crafted script input to the editor interface. The application does not properly sanitize user-supplied Markdown before rendering it. Successful exploitation could lead to session hijacking, credential theft, or arbitrary client-side code execution in the context of the victim's browser.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52585 - BIG-IP LTM Anonymous Diffie-Hellman Denial of Service
CVE ID : CVE-2025-52585
Published : Aug. 13, 2025, 3:15 p.m. | 3 hours, 1 minute ago
Description : When a BIG-IP LTM Client SSL profile is configured on a virtual server with SSL Forward Proxy enabled and Anonymous Diffie-Hellman (ADH) ciphers enabled, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53859 - NGINX SMTP Module Information Leak
CVE ID : CVE-2025-53859
Published : Aug. 13, 2025, 3:15 p.m. | 3 hours, 1 minute ago
Description : NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happens during the NGINX SMTP authentication process and requires the attacker to make preparations against the target system to extract the leaked data. The issue affects NGINX only if (1) it is built with the ngx_mail_smtp_module, (2) the smtp_auth directive is configured with method "none," and (3) the authentication server returns the "Auth-Wait" response header.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54500
Published : Aug. 13, 2025, 3:15 p.m. | 3 hours, 1 minute ago
Description : An HTTP/2 implementation flaw allows a denial-of-service (DoS) that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit (HTTP/2 MadeYouReset Attack).
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54809 - F5 Access for Android SSL/TLS Man-in-the-Middle (MitM) Vulnerability
CVE ID : CVE-2025-54809
Published : Aug. 13, 2025, 3:15 p.m. | 3 hours, 1 minute ago
Description : F5 Access for Android before version 3.1.2 which uses HTTPS does not verify the remote endpoint identity.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55163
Published : Aug. 13, 2025, 3:15 p.m. | 3 hours, 1 minute ago
Description : Netty is an asynchronous, event-driven network application framework. Prior to versions 4.1.124.Final and 4.2.4.Final, Netty is vulnerable to MadeYouReset DDoS. This is a logical vulnerability in the HTTP/2 protocol, that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit - which results in resource exhaustion and distributed denial of service. This issue has been patched in versions 4.1.124.Final and 4.2.4.Final.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8941
Published : Aug. 13, 2025, 3:15 p.m. | 3 hours, 1 minute ago
Description : A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46405 - BIG-IP APM Traffic Management Microkernel Denial of Service
CVE ID : CVE-2025-46405
Published : Aug. 13, 2025, 3:15 p.m. | 1 hour, 25 minutes ago
Description : When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48500
Published : Aug. 13, 2025, 3:15 p.m. | 1 hour, 25 minutes ago
Description : A missing file integrity check vulnerability exists on MacOS F5 VPN browser client installer that may allow a local, authenticated attacker with access to the local file system to replace it with a malicious package installer.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50251
Published : Aug. 13, 2025, 3:15 p.m. | 1 hour, 25 minutes ago
Description : Server side request forgery (SSRF) vulnerability in makeplane plane 0.23.1 via the password recovery.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50635 - Netis WF2780 Null Pointer Dereference DoS Vulnerability
CVE ID : CVE-2025-50635
Published : Aug. 13, 2025, 3:15 p.m. | 1 hour, 25 minutes ago
Description : A null pointer dereference vulnerability was discovered in Netis WF2780 v2.2.35445. The vulnerability exists in the FUN_0048a728 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the CONTENT_LENGTH variable, causing the program to crash and potentially leading to a denial-of-service (DoS) attack.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50690
Published : Aug. 13, 2025, 3:15 p.m. | 1 hour, 25 minutes ago
Description : A Cross-Site Scripting (XSS) vulnerability exists in SpatialReference.org (OSGeo/spatialreference.org) versions prior to 2025-05-17 (commit 2120adfa17ddd535bd0f539e6c4988fa3a2cb491). The vulnerability is caused by improper handling of user input in the search query parameter. An attacker can craft a specially formed URL with malicious JavaScript code, which is then reflected back and executed in the victim's browser. This flaw allows an attacker to execute arbitrary JavaScript in the context of the victim's session, potentially leading to session hijacking, phishing attacks, data theft, or redirection to malicious sites. The issue is exposed on publicly accessible pages, making it exploitable by an unauthenticated attacker.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55005
Published : Aug. 13, 2025, 2:15 p.m. | 2 hours, 25 minutes ago
Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is larger than 1024. This leads to corrupting memory beyond the end of the allocated logmap buffer. This issue has been patched in version 7.1.2-1.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55154
Published : Aug. 13, 2025, 2:15 p.m. | 2 hours, 25 minutes ago
Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, the magnified size calculations in ReadOneMNGIMage (in coders/png.c) are unsafe and can overflow, leading to memory corruption. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55160 - ImageMagick Denial of Service (DoS) Function-Type Mismatch Vulnerability
CVE ID : CVE-2025-55160
Published : Aug. 13, 2025, 2:15 p.m. | 2 hours, 25 minutes ago
Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55668
Published : Aug. 13, 2025, 2:15 p.m. | 2 hours, 25 minutes ago
Description : Session Fixation vulnerability in Apache Tomcat via rewrite valve.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105.
Older, EOL versions may also be affected.
Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-32451
Published : Aug. 13, 2025, 2:15 p.m. | 47 minutes ago
Description : A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an uninitialized pointer. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52386 - "CycloneDX Sunshine Formula Injection Vulnerability"
CVE ID : CVE-2025-52386
Published : Aug. 13, 2025, 2:15 p.m. | 47 minutes ago
Description : CycloneDX Sunshine v0.9 is vulnerable to CSV Formula Injection via a crafted JSON file
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52392
Published : Aug. 13, 2025, 2:15 p.m. | 47 minutes ago
Description : Soosyze CMS 2.0 allows brute-force login attacks via the /user/login endpoint due to missing rate-limiting and lockout mechanisms. An attacker can repeatedly submit login attempts without restrictions, potentially gaining unauthorized administrative access. This vulnerability corresponds to CWE-307: Improper Restriction of Excessive Authentication Attempts.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54074 - Cherry Studio OS Command Injection Vulnerability
CVE ID : CVE-2025-54074
Published : Aug. 13, 2025, 2:15 p.m. | 47 minutes ago
Description : Cherry Studio is a desktop client that supports for multiple LLM providers. From versions 1.2.5 to 1.5.1, Cherry Studio is vulnerable to OS Command Injection during a connection with a malicious MCP server in HTTP Streamable mode. Attackers can setup a malicious MCP server with compatible OAuth authorization server endpoints and trick victims into connecting it, leading to OS command injection in vulnerable clients. This issue has been patched in version 1.5.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54382 - Cherry Studio Cherry Picker Remote Code Execution
CVE ID : CVE-2025-54382
Published : Aug. 13, 2025, 2:15 p.m. | 47 minutes ago
Description : Cherry Studio is a desktop client that supports for multiple LLM providers. In version 1.5.1, a remote code execution (RCE) vulnerability exists in the Cherry Studio platform when connecting to streamableHttp MCP servers. The issue arises from the server’s implicit trust in the oauth auth redirection endpoints and failure to properly sanitize the URL. This issue has been patched in version 1.5.2.
Severity: 9.6 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54791 - OMERO.web Information Disclosure Vulnerability
CVE ID : CVE-2025-54791
Published : Aug. 13, 2025, 2:15 p.m. | 47 minutes ago
Description : OMERO.web provides a web based client and plugin infrastructure. Prior to version 5.29.2, if an error occurred when resetting a user's password using the Forgot Password option in OMERO.web, the error message displayed on the Web page can disclose information about the user. This issue has been patched in version 5.29.2. A workaround involves disabling the Forgot password option in OMERO.web using the omero.web.show_forgot_password configuration property.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55004
Published : Aug. 13, 2025, 2:15 p.m. | 47 minutes ago
Description : ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, ImageMagick is vulnerable to heap-buffer overflow read around the handling of images with separate alpha channels when performing image magnification in ReadOneMNGIMage. This can likely be used to leak subsequent memory contents into the output image. This issue has been patched in version 7.1.2-1.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48989
Published : Aug. 13, 2025, 1:15 p.m. | 1 hour, 47 minutes ago
Description : Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL versions may also be affected.
Users are recommended to upgrade to one of versions 11.0.10, 10.1.44 or 9.0.108 which fix the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8671
Published : Aug. 13, 2025, 1:15 p.m. | 1 hour, 47 minutes ago
Description : A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly triggering the server to reset them—using malformed frames or flow control errors—an attacker can exploit incorrect stream accounting. Streams reset by the server are considered closed at the protocol level, even though backend processing continues. This allows a client to cause the server to handle an unbounded number of concurrent streams on a single connection. This CVE will be updated as affected product details are released.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8907 - H3C M2 NAS Webserver Configuration Privilege Escalation Vulnerability
CVE ID : CVE-2025-8907
Published : Aug. 13, 2025, 1:15 p.m. | 1 hour, 47 minutes ago
Description : A vulnerability was found in H3C M2 NAS V100R006. Affected by this vulnerability is an unknown functionality of the component Webserver Configuration. The manipulation leads to execution with unnecessary privileges. An attack has to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor explains: "[T]he device only has configuration files and does not actually have boa functionality. It is impossible to access or upload files anonymously to the device through boa services". This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8908 - Shanghai Lingdang Information Technology Lingdang CRM SQL Injection
CVE ID : CVE-2025-8908
Published : Aug. 13, 2025, 1:15 p.m. | 1 hour, 47 minutes ago
Description : A vulnerability was determined in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.5.4. Affected by this issue is some unknown functionality of the file crm/WeiXinApp/yunzhijia/event.php. The manipulation of the argument openid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 8.6.5 is able to address this issue. It is recommended to upgrade the affected component. The vendor explains: "All SQL injection vectors were patched via parameterized queries and input sanitization in v8.6.5+."
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54464
Published : Aug. 13, 2025, 12:15 p.m. | 2 hours, 47 minutes ago
Description : This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the unencrypted credentials stored in the firmware of targeted device.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54465
Published : Aug. 13, 2025, 12:15 p.m. | 2 hours, 47 minutes ago
Description : This vulnerability exists in ZKTeco WL20 due to hard-coded MQTT credentials and endpoints stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve the hard-coded MQTT credentials and endpoints from the targeted device.
Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the MQTT broker and manipulate the communications of the targeted device.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55279
Published : Aug. 13, 2025, 12:15 p.m. | 2 hours, 47 minutes ago
Description : This vulnerability exists in ZKTeco WL20 due to hard-coded private key stored in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to retrieve private key stored in the firmware of the targeted device.
Successful exploitation of this vulnerability could allow the attacker to perform unauthorized decryption of sensitive data and Man-in-the-Middle (MitM) attacks on the targeted device.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55280 - ZKTeco WL20 PlainText Data Exposure Vulnerability
CVE ID : CVE-2025-55280
Published : Aug. 13, 2025, 12:15 p.m. | 2 hours, 47 minutes ago
Description : This vulnerability exists in ZKTeco WL20 due to storage of Wi-Fi credentials, configuration data and system data in plaintext within the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the plaintext sensitive data stored in the targeted device.
Successful exploitation of this vulnerability could allow the attacker to gain unauthorized network access, retrieve and manipulate data on the targeted device.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8912 - WellChoose Organization Portal System Arbitrary File Reading Vulnerability
CVE ID : CVE-2025-8912
Published : Aug. 13, 2025, 10:15 a.m. | 4 hours, 47 minutes ago
Description : Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8913 - WellChoose Organization Portal System Local File Inclusion Vulnerability
CVE ID : CVE-2025-8913
Published : Aug. 13, 2025, 10:15 a.m. | 4 hours, 47 minutes ago
Description : Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8914 - WellChoose Organization Portal System SQL Injection
CVE ID : CVE-2025-8914
Published : Aug. 13, 2025, 10:15 a.m. | 4 hours, 47 minutes ago
Description : Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8916 - Bouncy Castle for Java Excessive Allocation Memory Vulnerability
CVE ID : CVE-2025-8916
Published : Aug. 13, 2025, 10:15 a.m. | 4 hours, 47 minutes ago
Description : Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertP... https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.java , https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathRevi... https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java .
This issue affects Bouncy Castle for Java: from BC 1.44 through 1.78, from BCPKIX FIPS 1.0.0 through 1.0.7, from BCPKIX FIPS 2.0.0 through 2.0.7.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Violation de données personnelles de lrsquo;opérateur Bouygues Telecom : situation, risques et recommandations
L’opérateur de télécommunications Bouygues Telecom a été victime d’une attaque informatique qui a conduit à la violation de données à caractère personnel de certains de ses clients Grand Public dont une partie détenant un numéro SIREN. Il est à noter que les clients de la…
CVE-2025-8910 - WellChoose Organization Portal System Reflected Cross-site Scripting Vulnerability
CVE ID : CVE-2025-8910
Published : Aug. 13, 2025, 9:15 a.m. | 5 hours, 47 minutes ago
Description : Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8911 - WellChoose Organization Portal System Reflected Cross-site Scripting Vulnerability
CVE ID : CVE-2025-8911
Published : Aug. 13, 2025, 9:15 a.m. | 5 hours, 47 minutes ago
Description : Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55345
Published : Aug. 13, 2025, 9:15 a.m. | 3 hours, 25 minutes ago
Description : Using Codex CLI in workspace-write mode inside a malicious context (repo, directory, etc) could lead to arbitrary file overwrite and potentially remote code execution due to symlinks being followed outside the allowed current working directory.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8909 - WellChoose Organization Portal System Arbitrary File Reading Vulnerability
CVE ID : CVE-2025-8909
Published : Aug. 13, 2025, 9:15 a.m. | 3 hours, 25 minutes ago
Description : Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6184 - Tutor LMS Pro WordPress SQL Injection Vulnerability
CVE ID : CVE-2025-6184
Published : Aug. 13, 2025, 7:15 a.m. | 5 hours, 25 minutes ago
Description : The Tutor LMS Pro – eLearning and online course solution plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter used in the get_submitted_assignments() function in all versions up to, and including, 3.7.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Tutor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Only the Pro version is affected.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8760
Published : Aug. 13, 2025, 7:15 a.m. | 5 hours, 25 minutes ago
Description : A vulnerability was identified in INSTAR 2K+ and 4K 3.11.1 Build 1124. This affects the function base64_decode of the component fcgi_server. The manipulation of the argument Authorization leads to buffer overflow. It is possible to initiate the attack remotely.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8761 - INSTAR Denial of Service Vulnerability in Backend IPC Server
CVE ID : CVE-2025-8761
Published : Aug. 13, 2025, 7:15 a.m. | 5 hours, 25 minutes ago
Description : A vulnerability has been found in INSTAR 2K+ and 4K 3.11.1 Build 1124. This vulnerability affects unknown code of the component Backend IPC Server. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8762 - INSTAR UART Interface Physical Access Control Bypass
CVE ID : CVE-2025-8762
Published : Aug. 13, 2025, 7:15 a.m. | 5 hours, 25 minutes ago
Description : A vulnerability was found in INSTAR 2K+ and 4K 3.11.1 Build 1124. This issue affects some unknown processing of the component UART Interface. The manipulation leads to improper physical access control. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6715 - LatePoint WordPress Local File Inclusion Vulnerability
CVE ID : CVE-2025-6715
Published : Aug. 13, 2025, 6:15 a.m. | 6 hours, 25 minutes ago
Description : The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the layout parameter. This makes it possible for attackers to include and execute PHP files on the server, allowing the execution of any PHP code in those files.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7384 - "Elementor Forms PHP Object Injection Vulnerability"
CVE ID : CVE-2025-7384
Published : Aug. 13, 2025, 5:15 a.m. | 7 hours, 25 minutes ago
Description : The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.3 via deserialization of untrusted input in the get_lead_detail function. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain in the Contact Form 7 plugin, which is likely to be used alongside, allows attackers to delete arbitrary files, leading to a denial of service or remote code execution when the wp-config.php file is deleted.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-0818
Published : Aug. 13, 2025, 4:16 a.m. | 8 hours, 24 minutes ago
Description : Several WordPress plugins using elFinder versions 2.1.64 and prior are vulnerable to Directory Traversal in various versions. This makes it possible for unauthenticated attackers to delete arbitrary files. Successful exploitation of this vulnerability requires a site owner to explicitly make an instance of the file manager available to users.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8491 - Easy Restaurant Menu Manager for WordPress CSRF
CVE ID : CVE-2025-8491
Published : Aug. 13, 2025, 4:16 a.m. | 8 hours, 24 minutes ago
Description : The Easy restaurant menu manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the nsc_eprm_save_menu() function. This makes it possible for unauthenticated attackers to upload a menu file via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8891
Published : Aug. 13, 2025, 4:16 a.m. | 8 hours, 24 minutes ago
Description : The OceanWP theme for WordPress is vulnerable to Cross-Site Request Forgery in versions 4.0.9 to 4.1.1. This is due to missing or incorrect nonce validation on the oceanwp_notice_button_click() function. This makes it possible for unauthenticated attackers to install the Ocean Extra plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8880 - Google Chrome V8 Race Condition Execution of Arbitrary Code
CVE ID : CVE-2025-8880
Published : Aug. 13, 2025, 3:15 a.m. | 9 hours, 25 minutes ago
Description : Race in V8 in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8881 - Google Chrome File Picker Cross-Origin Data Leak
CVE ID : CVE-2025-8881
Published : Aug. 13, 2025, 3:15 a.m. | 9 hours, 25 minutes ago
Description : Inappropriate implementation in File Picker in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8882 - Google Chrome Aura Use-After-Free Vulnerability
CVE ID : CVE-2025-8882
Published : Aug. 13, 2025, 3:15 a.m. | 9 hours, 25 minutes ago
Description : Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8901 - Google Chrome ANGLE Out-of-Bounds Memory Access Vulnerability
CVE ID : CVE-2025-8901
Published : Aug. 13, 2025, 3:15 a.m. | 9 hours, 25 minutes ago
Description : Out of bounds write in ANGLE in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4410
Published : Aug. 13, 2025, 3:15 a.m. | 9 hours, 6 minutes ago
Description : A buffer overflow vulnerability exists in the module SetupUtility. An attacker with local privileged access can exploit this vulnerability by executeing arbitrary code.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8879 - Google Chrome Heap Buffer Overflow Vulnerability
CVE ID : CVE-2025-8879
Published : Aug. 13, 2025, 3:15 a.m. | 9 hours, 6 minutes ago
Description : Heap buffer overflow in libaom in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to potentially exploit heap corruption via a curated set of gestures. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4276
Published : Aug. 13, 2025, 2:15 a.m. | 10 hours, 6 minutes ago
Description : UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4277
Published : Aug. 13, 2025, 2:15 a.m. | 10 hours, 6 minutes ago
Description : Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute arbitrary code at SMM level.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54232 - Adobe Framemaker Use After Free Vulnerability
CVE ID : CVE-2025-54232
Published : Aug. 12, 2025, 11:15 p.m. | 10 hours, 24 minutes ago
Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54233
Published : Aug. 12, 2025, 11:15 p.m. | 10 hours, 24 minutes ago
Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54238
Published : Aug. 12, 2025, 11:15 p.m. | 10 hours, 24 minutes ago
Description : Dimension versions 4.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8395
Published : Aug. 12, 2025, 11:15 p.m. | 10 hours, 24 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-49457
Published : Aug. 12, 2025, 11:15 p.m. | 9 hours, 25 minutes ago
Description : Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access
Severity: 9.6 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54229 - Adobe Framemaker Use After Free Vulnerability
CVE ID : CVE-2025-54229
Published : Aug. 12, 2025, 11:15 p.m. | 9 hours, 25 minutes ago
Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54230
Published : Aug. 12, 2025, 11:15 p.m. | 9 hours, 25 minutes ago
Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54231 - Adobe Framemaker Use After Free Vulnerability
CVE ID : CVE-2025-54231
Published : Aug. 12, 2025, 11:15 p.m. | 9 hours, 25 minutes ago
Description : Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-49456 - Zoom Windows Installer Race Condition Vulnerability
CVE ID : CVE-2025-49456
Published : Aug. 12, 2025, 11:15 p.m. | 7 hours, 25 minutes ago
Description : Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated user to impact application integrity via local access.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54222
Published : Aug. 12, 2025, 10:15 p.m. | 8 hours, 25 minutes ago
Description : Substance3D - Stager versions 3.1.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55170
Published : Aug. 12, 2025, 9:15 p.m. | 9 hours, 25 minutes ago
Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a reflected cross-site scripting (XSS) vulnerability was identified in the /html/alterar_senha.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the verificacao and redir_config parameter. This issue has been patched in version 3.4.8.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55171
Published : Aug. 12, 2025, 9:15 p.m. | 9 hours, 25 minutes ago
Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, the application does not check authentication at endpoint /html/personalizacao_remover.php allowing anonymous attacker (without login) to delete any Image files at endpoint /html/personalizacao_remover.php by defining imagem_0 as image id to delete. This issue has been patched in version 3.4.8.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55165
Published : Aug. 12, 2025, 9:15 p.m. | 9 hours, 6 minutes ago
Description : Autocaliweb is a web app that offers an interface for browsing, reading, and downloading eBooks using a valid Calibre database. Prior to version 0.8.3, the debug pack generated by Autocaliweb can expose sensitive configuration data, including API keys. This occurs because the to_dict() method, used to serialize configuration for the debug pack, doesn't adequately filter out sensitive fields such as API tokens. Users, unaware of the full contents, might share these debug packs, inadvertently leaking their private API keys. This issue has been patched in version 0.8.3.
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54235
Published : Aug. 12, 2025, 9:15 p.m. | 7 hours, 25 minutes ago
Description : Substance3D - Modeler versions 1.22.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54226 - Adobe InDesign Use After Free Vulnerability
CVE ID : CVE-2025-54226
Published : Aug. 12, 2025, 9:15 p.m. | 7 hours, 6 minutes ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54227
Published : Aug. 12, 2025, 9:15 p.m. | 7 hours, 6 minutes ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54228
Published : Aug. 12, 2025, 9:15 p.m. | 7 hours, 6 minutes ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54219
Published : Aug. 12, 2025, 9:15 p.m. | 5 hours, 24 minutes ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54220
Published : Aug. 12, 2025, 9:15 p.m. | 5 hours, 24 minutes ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54221
Published : Aug. 12, 2025, 9:15 p.m. | 5 hours, 24 minutes ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54223 - Adobe InCopy Use After Free Vulnerability
CVE ID : CVE-2025-54223
Published : Aug. 12, 2025, 9:15 p.m. | 5 hours, 24 minutes ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54224 - Adobe InDesign Use After Free Vulnerability
CVE ID : CVE-2025-54224
Published : Aug. 12, 2025, 9:15 p.m. | 5 hours, 24 minutes ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54225 - Adobe InDesign Use After Free Vulnerability (Arbitrary Code Execution)
CVE ID : CVE-2025-54225
Published : Aug. 12, 2025, 9:15 p.m. | 5 hours, 24 minutes ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54217
Published : Aug. 12, 2025, 9:15 p.m. | 3 hours, 24 minutes ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54218
Published : Aug. 12, 2025, 9:15 p.m. | 3 hours, 24 minutes ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54208
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54209
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54210
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54211
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54212
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54213
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54214
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54215
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54216
Published : Aug. 12, 2025, 9:15 p.m. | 1 hour, 24 minutes ago
Description : InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54207
Published : 12 de agosto de 2025 a las 21:15 | 1 hora ago
Description : InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-45584
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : A double free vulnerability [CWE-415] in Fortinet FortiOS version 7.4.0, version 7.2.0 through 7.2.5 and before 7.0.12, FortiProxy version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 and FortiPAM version 1.1.0 through 1.1.2 and before 1.0.3 allows a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-26009 - Fortinet FortiOS Authentication Bypass via FGFM Requests
CVE ID : CVE-2024-26009
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : An authentication bypass using an alternate path or channel [CWE-288] vulnerability in Fortinet FortiOS version 6.4.0 through 6.4.15 and before 6.2.16, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8 and before 7.0.15 & FortiPAM before version 1.2.0 allows an unauthenticated attacker to seize control of a managed device via crafted FGFM requests, if the device is managed by a FortiManager, and if the attacker knows that FortiManager's serial number.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-40588
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiMail version 7.6.0 through 7.6.1 and before 7.4.3, FortiVoice version 7.0.0 through 7.0.5 and before 7.4.9, FortiRecorder version 7.2.0 through 7.2.1 and before 7.0.4, FortiCamera & FortiNDR version 7.6.0 and before 7.4.6 may allow a privileged attacker to read files from the underlying filesystem via crafted CLI requests.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-48892
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : A relative path traversal vulnerability [CWE-23] in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an authenticated attacker to read arbitrary files via uploading a malicious solution pack.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-52964
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.9 and below 7.0.13 & FortiManager Cloud version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5 and before 7.2.9 allows an authenticated remote attacker to overwrite arbitrary files via FGFM crafted requests.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-25248 - FortiOS Integer Overflow in SSL-VPN Bookmarks
CVE ID : CVE-2025-25248
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : An Integer Overflow or Wraparound vulnerability [CWE-190] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.2 all versions, 6.4 all versions, FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions and FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions SSL-VPN RDP and VNC bookmarks may allow an authenticated user to affect the device SSL-VPN availability via crafted requests.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-25256 - Fortinet FortiSIEM OS Command Injection
CVE ID : CVE-2025-25256
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute unauthorized code or commands via crafted CLI requests.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27759 - Fortinet FortiWeb OS Command Injection
CVE ID : CVE-2025-27759
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and before 7.0.10 allows an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI commands
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-32766
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or commands via crafted CLI commands
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-32932
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : An Improper neutralization of input during web page generation ('cross-site scripting') vulnerability [CWE-79] in FortiSOAR version 7.6.1 and below, version 7.5.1 and below, 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions WEB UI may allow an authenticated remote attacker to perform an XSS attack via stored malicious service requests
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36124 - IBM WebSphere Application Server Liberty JMS Message Injection Vulnerability
CVE ID : CVE-2025-36124
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : IBM WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.8 could allow a remote attacker to bypass security restrictions caused by a failure to honor JMS messaging configuration
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43734
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allows a remote authenticated attacker to inject JavaScript code in the “first display label” field in the configuration of a custom sort widget. This malicious payload is then reflected and executed by clay button taglib when refreshing the page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47857 - Fortinet FortiWeb OS Command Injection
CVE ID : CVE-2025-47857
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : A improper neutralization of special elements used in an os command ('os command injection') vulnerability [CWE-78] in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or command via crafted CLI commands.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-49813 - Fortinet FortiADC OS Command Injection
CVE ID : CVE-2025-49813
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : An improper neutralization of special elements used in an OS Command ("OS Command Injection") vulnerability [CWE-78] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a remote and authenticated attacker with low privilege to execute unauthorized code via specifically crafted HTTP parameters.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52970
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : A improper handling of parameters in Fortinet FortiWeb versions 7.6.3 and below, versions 7.4.7 and below, versions 7.2.10 and below, and 7.0.10 and below may allow an unauthenticated remote attacker with non-public information pertaining to the device and targeted user to gain admin privileges on the device via a specially crafted request.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53744
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : An incorrect privilege assignment vulnerability [CWE-266] in FortiOS Security Fabric version 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.0 all versions, 6.4 all versions, may allow a remote authenticated attacker with high privileges to escalate their privileges to super-admin via registering the device to a malicious FortiManager.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55168
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/saude/aplicar_medicamento.php endpoint, specifically in the id_fichamedica parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This issue has been patched in version 3.4.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55169
Published : Aug. 12, 2025, 7:15 p.m. | 1 hour, 3 minutes ago
Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a path traversal vulnerability was discovered in the WeGIA application, html/socio/sistema/download_remessa.php endpoint. This vulnerability could allow an attacker to gain unauthorized access to local files in the server and sensitive information stored in config.php. config.php contains information that could allow direct access to the database. This issue has been patched in version 3.4.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53779 - Microsoft Windows Kerberos Path Traversal Privilege Escalation
CVE ID : CVE-2025-53779
Published : Aug. 12, 2025, 6:15 p.m. | 2 hours, 2 minutes ago
Description : Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53781 - Azure Virtual Machines Information Exposure Vulnerability
CVE ID : CVE-2025-53781
Published : Aug. 12, 2025, 6:15 p.m. | 2 hours, 2 minutes ago
Description : Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an authorized attacker to disclose information over a network.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53783 - Microsoft Teams Heap Buffer Overflow Remote Code Execution Vulnerability
CVE ID : CVE-2025-53783
Published : Aug. 12, 2025, 6:15 p.m. | 2 hours, 2 minutes ago
Description : Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53784 - Microsoft Office Word Use After Free Remote Code Execution Vulnerability
CVE ID : CVE-2025-53784
Published : Aug. 12, 2025, 6:15 p.m. | 2 hours, 2 minutes ago
Description : Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53788 - Windows Subsystem for Linux TOCTOU Privilege Escalation
CVE ID : CVE-2025-53788
Published : Aug. 12, 2025, 6:15 p.m. | 2 hours, 2 minutes ago
Description : Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53789 - Windows StateRepository API Local Privilege Escalation
CVE ID : CVE-2025-53789
Published : Aug. 12, 2025, 6:15 p.m. | 2 hours, 2 minutes ago
Description : Missing authentication for critical function in Windows StateRepository API allows an authorized attacker to elevate privileges locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53793
Published : Aug. 12, 2025, 6:15 p.m. | 2 hours, 2 minutes ago
Description : Improper authentication in Azure Stack allows an unauthorized attacker to disclose information over a network.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53733 - Microsoft Office Word Integer Overflow Remote Code Execution Vulnerability
CVE ID : CVE-2025-53733
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Incorrect conversion between numeric types in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53734 - Microsoft Office Visio Use-After-Free Remote Code Execution Vulnerability
CVE ID : CVE-2025-53734
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53735 - Microsoft Office Excel Use-After-Free Vulnerability
CVE ID : CVE-2025-53735
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53736 - Microsoft Office Word Buffer Over-Read Information Disclosure
CVE ID : CVE-2025-53736
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Buffer over-read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53737 - Microsoft Office Excel Heap-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-53737
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53738 - Microsoft Office Word Use After Free Code Execution Vulnerability
CVE ID : CVE-2025-53738
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53739 - Microsoft Office Excel Type Confusion Code Execution Vulnerability
CVE ID : CVE-2025-53739
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53740 - Microsoft Office Use-After-Free Code Execution Vulnerability
CVE ID : CVE-2025-53740
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53741 - Microsoft Office Excel Heap-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-53741
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53759 - Microsoft Office Excel Uninitialized Resource Code Execution Vulnerability
CVE ID : CVE-2025-53759
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53760
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53761 - Microsoft Office PowerPoint Use-After-Free Remote Code Execution Vulnerability
CVE ID : CVE-2025-53761
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53765 - Azure Stack Information Disclosure Vulnerability
CVE ID : CVE-2025-53765
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Exposure of private personal information to an unauthorized actor in Azure Stack allows an authorized attacker to disclose information locally.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53766 - Windows GDI+ Heap-based Buffer Overflow
CVE ID : CVE-2025-53766
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53769 - Windows Security App Path Traversal Vulnerability
CVE ID : CVE-2025-53769
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : External control of file name or path in Windows Security App allows an authorized attacker to perform spoofing locally.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53772 - Web Deploy Untrusted Data Deserialization Code Execution Vulnerability
CVE ID : CVE-2025-53772
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53773
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to execute code locally.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53778 - Microsoft Windows NTLM Privilege Escalation
CVE ID : CVE-2025-53778
Published : Aug. 12, 2025, 6:15 p.m. | 23 minutes ago
Description : Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24835 - Intel Arc B-Series Graphics Denial of Service Vulnerability
CVE ID : CVE-2025-24835
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Protection mechanism failure in the Intel(R) Graphics Driver for the Intel(R) Arc(TM) B-Series graphics before version 32.0.101.6737 may allow an authenticated user to potentially enable denial of service via local access.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24840
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Improper access control for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24921 - Intel Tiber Edge Orchestrator Improper Neutralization Information Disclosure
CVE ID : CVE-2025-24921
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Improper neutralization for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24923 - "Intel AI for Enterprise Retrieval-augmented Generation Uncontrolled Search Path Vulnerability (EoP)"
CVE ID : CVE-2025-24923
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Uncontrolled search path in some Intel(R) AI for Enterprise Retrieval-augmented Generation software may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-25273 - Intel 700 Series Ethernet Kernel Mode Driver Control Flow Vulnerability
CVE ID : CVE-2025-25273
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-26403
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-26404
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Uncontrolled search path for some Intel(R) DSA software before version 25.2.15.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-26470 - Intel Distribution for Python Unprivileged Privilege Escalation
CVE ID : CVE-2025-26470
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Incorrect default permissions for some Intel(R) Distribution for Python software installers before version 2025.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-26472 - Intel Tiber Edge Platform Denial of Service
CVE ID : CVE-2025-26472
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-26697 - Intel 700 Series Ethernet Unauthenticated Denial of Service
CVE ID : CVE-2025-26697
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-26863 - Intel 700 Series Ethernet Denial of Service
CVE ID : CVE-2025-26863
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service.
Severity: 3.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27250 - Intel Tiber Edge Platform Denial of Service
CVE ID : CVE-2025-27250
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27537
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Improper input validation for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable escalation of privilege via adjacent access.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27559 - Apache AI Playground Privilege Escalation
CVE ID : CVE-2025-27559
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Incorrect default permissions for some AI Playground software before version v2.3.0 alpha may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27576 - Intel Tiber Edge Platform Unauthenticated Denial of Service Vulnerability
CVE ID : CVE-2025-27576
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an unauthenticated user to potentially enable denial of service via local access.
Severity: 2.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27707 - Intel Tiber Edge Orchestrator Sensitive Information Exposure Denial of Service
CVE ID : CVE-2025-27707
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software before version 24.11.1 for Intel(R) Tiber(TM) Edge Platform may allow an authenticated user to potentially enable denial of service via adjacent access.
Severity: 2.6 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27717
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Uncontrolled search path for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable escalation of privilege via local access
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-32004
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Improper input validation in the Intel Edger8r Tool for some Intel(R) SGX SDK may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity: 3.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-32086
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-49563
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Illustrator versions 28.7.8, 29.6.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-49564
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-49567 - Adobe Illustrator NULL Pointer Dereference Denial of Service
CVE ID : CVE-2025-49567
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-49568 - Adobe Illustrator Use After Free Vulnerability
CVE ID : CVE-2025-49568
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55166 - Savg-sanitizer Cross-Site Scripting and External Domain Linking Vulnerability
CVE ID : CVE-2025-55166
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : savg-sanitizer is a PHP SVG/XML sanitizer. Prior to version 0.22.0, the sanitization logic in the cleanXlinkHrefs method only searches for lower-case attribute name, which allows to by-pass the isHrefSafeValue check. As a result this allows cross-site scripting or linking to external domains. This issue has been patched in version 0.22.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55167
Published : Aug. 12, 2025, 5:15 p.m. | 58 minutes ago
Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/funcionario/dependente_remover.php endpoint, specifically in the id_dependente parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This issue has been patched in version 3.4.8.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38500 - Linux Kernel xfrm Interface Use-After-Free Vulnerability
CVE ID : CVE-2025-38500
Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
xfrm: interface: fix use-after-free after changing collect_md xfrm interface
collect_md property on xfrm interfaces can only be set on device creation,
thus xfrmi_changelink() should fail when called on such interfaces.
The check to enforce this was done only in the case where the xi was
returned from xfrmi_locate() which doesn't look for the collect_md
interface, and thus the validation was never reached.
Calling changelink would thus errornously place the special interface xi
in the xfrmi_net->xfrmi hash, but since it also exists in the
xfrmi_net->collect_md_xfrmi pointer it would lead to a double free when
the net namespace was taken down [1].
Change the check to use the xi from netdev_priv which is available earlier
in the function to prevent changes in xfrm collect_md interfaces.
[1] resulting oops:
[ 8.516540] kernel BUG at net/core/dev.c:12029!
[ 8.516552] Oops: invalid opcode: 0000 [#1] SMP NOPTI
[ 8.516559] CPU: 0 UID: 0 PID: 12 Comm: kworker/u80:0 Not tainted 6.15.0-virtme #5 PREEMPT(voluntary)
[ 8.516565] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 8.516569] Workqueue: netns cleanup_net
[ 8.516579] RIP: 0010:unregister_netdevice_many_notify+0x101/0xab0
[ 8.516590] Code: 90 0f 0b 90 48 8b b0 78 01 00 00 48 8b 90 80 01 00 00 48 89 56 08 48 89 32 4c 89 80 78 01 00 00 48 89 b8 80 01 00 00 eb ac 90 <0f> 0b 48 8b 45 00 4c 8d a0 88 fe ff ff 48 39 c5 74 5c 41 80 bc 24
[ 8.516593] RSP: 0018:ffffa93b8006bd30 EFLAGS: 00010206
[ 8.516598] RAX: ffff98fe4226e000 RBX: ffffa93b8006bd58 RCX: ffffa93b8006bc60
[ 8.516601] RDX: 0000000000000004 RSI: 0000000000000000 RDI: dead000000000122
[ 8.516603] RBP: ffffa93b8006bdd8 R08: dead000000000100 R09: ffff98fe4133c100
[ 8.516605] R10: 0000000000000000 R11: 00000000000003d2 R12: ffffa93b8006be00
[ 8.516608] R13: ffffffff96c1a510 R14: ffffffff96c1a510 R15: ffffa93b8006be00
[ 8.516615] FS: 0000000000000000(0000) GS:ffff98fee73b7000(0000) knlGS:0000000000000000
[ 8.516619] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 8.516622] CR2: 00007fcd2abd0700 CR3: 000000003aa40000 CR4: 0000000000752ef0
[ 8.516625] PKRU: 55555554
[ 8.516627] Call Trace:
[ 8.516632]
[ 8.516635] ? rtnl_is_locked+0x15/0x20
[ 8.516641] ? unregister_netdevice_queue+0x29/0xf0
[ 8.516650] ops_undo_list+0x1f2/0x220
[ 8.516659] cleanup_net+0x1ad/0x2e0
[ 8.516664] process_one_work+0x160/0x380
[ 8.516673] worker_thread+0x2aa/0x3c0
[ 8.516679] ? __pfx_worker_thread+0x10/0x10
[ 8.516686] kthread+0xfb/0x200
[ 8.516690] ? __pfx_kthread+0x10/0x10
[ 8.516693] ? __pfx_kthread+0x10/0x10
[ 8.516697] ret_from_fork+0x82/0xf0
[ 8.516705] ? __pfx_kthread+0x10/0x10
[ 8.516709] ret_from_fork_asm+0x1a/0x30
[ 8.516718] Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3089 - ServiceNow AI Platform Broken Access Control Vulnerability
CVE ID : CVE-2025-3089
Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading to unauthorized data modifications. This issue is addressed in the listed patches and family releases, which have been made available to hosted and self-hosted customers, as well as partners.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54800
Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : Hydra is a continuous integration service for Nix based projects. Prior to commit dea1e16, a malicious package can introduce arbitrary JavaScript code into the Hydra database that is automatically evaluated in a client's browser when anyone visits the build page. This could be done by a third-party project as part of its build process. This also happens in other places like with hydra-release-name. This issue has been patched by commit dea1e16. A workaround involves either not building untrusted packages or not visiting the builds page.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54864 - Hydra Unauthenticated API Calls Vulnerability
CVE ID : CVE-2025-54864
Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : Hydra is a continuous integration service for Nix based projects. Prior to commit f7bda02, /api/push-github and /api/push-gitea are called by the corresponding forge without HTTP Basic authentication. Both forges do however feature HMAC signing with a secret key. Triggering an evaluation can be very taxing on the infrastructure when large evaluations are done, introducing potential denial of service attacks on the host running the evaluator. This issue has been patched by commit f7bda02. A workaround involves blocking /api/push-github and /api/push-gitea via a reverse proxy.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55010
Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, an unsafe deserialization vulnerability in the ProjectEventActvityFormatter allows admin users the ability to instantiate arbitrary php objects by modifying the event["data"] field in the project_activities table. A malicious actor can update this field to use a php gadget to write a web shell into the /plugins folder, which then gives remote code execution on the host system. This issue has been patched in version 1.2.47.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55011
Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, the createTaskFile method in the API does not validate whether the task_id parameter is a valid task id, nor does it check for path traversal. As a result, a malicious actor could write a file anywhere on the system the app user controls. The impact is limited due to the filename being hashed and having no extension. This issue has been patched in version 1.2.47.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55164 - "Prototype Pollution in Apache Content-Security-Policy-Parser"
CVE ID : CVE-2025-55164
Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : content-security-policy-parser parses content security policy directives. A prototype pollution vulnerability exists in versions 0.5.0 and earlier, wherein if a policy name is called __proto__, one can override the Object prototype. This issue has been patched in version 0.6.0. A workaround involves disabling prototype method in NodeJS, neutralizing all possible prototype pollution attacks. Provide either --disable-proto=delete (recommended) or --disable-proto=throw as an argument to node to enable this feature.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8452 - Brother Multi-Function Printer Serial Number Disclosure and Default Administrator Password Calculation Vulnerability
CVE ID : CVE-2025-8452
Published : Aug. 12, 2025, 4:15 p.m. | 1 hour, 10 minutes ago
Description : By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provided firmware. This serial number can, in turn, can be leveraged by the flaw described by CVE-2024-51978 to calculate the default administrator password. This flaw is similar to CVE-2024-51977, with the only difference being the protocol by which an attacker can use to learn the remote device's serial number. The eSCL/uscan vector is typically only exposed on the local network. Any discovery service that implements the eSCL specification can be used to exploit this vulnerability, and one such implementation is the runZero Explorer. Changing the default administrator password will render this vulnerability virtually worthless, since the calculated default administrator password would no longer be the correct password.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-38805 - EDK2 BIOS Integer Overflow Denial of Service Vulnerability
CVE ID : CVE-2024-38805
Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago
Description : EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3831
Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago
Description : Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5456 - Ivanti Connect Secure Buffer Over-read DOS Vulnerability
CVE ID : CVE-2025-5456
Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago
Description : A buffer over-read vulnerability in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote unauthenticated attacker to trigger a denial of service. CWE-125
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5462
Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago
Description : A heap-based buffer overflow in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote unauthenticated attacker to trigger a denial of service.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5466 - "Ivanti Connect Secure and Ivanti Policy Secure Denial of Service Vulnerability"
CVE ID : CVE-2025-5466
Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago
Description : XEE in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote authenticated attacker with admin privileges to trigger a denial of service
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5468 - Ivanti Connect Secure, Policy Secure, ZTA Gateway, Neurons for Secure Access Local File Reading via Symbolic Link Vulnerability
CVE ID : CVE-2025-5468
Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago
Description : Improper handling of symbolic links in Ivanti Connect Secure before version 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a local authenticated attacker to read arbitrary files on disk.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8296
Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago
Description : SQL injection in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to execute arbitrary SQL queries. In certain conditions, this can also lead to remote code execution
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8297
Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago
Description : Incomplete restriction of configuration in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to achieve remote code execution
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8310
Published : Aug. 12, 2025, 3:15 p.m. | 2 hours, 10 minutes ago
Description : Missing authorization in the admin console of Ivanti Virtual Application Delivery Controller before version 22.9 allows a remote authenticated attacker to take over admin accounts by resetting the password
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-22830
Published : Aug. 12, 2025, 2:15 p.m. | 3 hours, 10 minutes ago
Description : APTIOV contains a vulnerability in BIOS where a skilled user may cause “Race Condition” by local access. A successful exploitation of this vulnerability may lead to resource exhaustion and impact Confidentiality, Integrity, and Availability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22834 - AMI APTIOV BIOS Improper Initialization Vulnerability
CVE ID : CVE-2025-22834
Published : Aug. 12, 2025, 2:15 p.m. | 3 hours, 10 minutes ago
Description : AMI APTIOV contains a vulnerability in BIOS where a user may cause “Improper Initialization” by local accessing. Successful exploitation of this vulnerability may leave the resource in an unexpected state and potentially impact confidentiality, integrity, and availability.
Severity: 4.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43735
Published : Aug. 12, 2025, 1:15 p.m. | 4 hours, 10 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the google_gadget.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-40766 - SINEC Traffic Analyzer Docker DoS Vulnerability
CVE ID : CVE-2025-40766
Published : Aug. 12, 2025, 12:15 p.m. | 5 hours, 10 minutes ago
Description : A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate resource and security limitations. This could allow an attacker to perform a denial-of-service (DoS) attack.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40767
Published : Aug. 12, 2025, 12:15 p.m. | 5 hours, 10 minutes ago
Description : A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application runs docker containers without adequate security controls to enforce isolation. This could allow an attacker to gain elevated access, potentially accessing sensitive host system resources.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-40768 - SINEC Traffic Analyzer Remote Service Access Vulnerability
CVE ID : CVE-2025-40768
Published : Aug. 12, 2025, 12:15 p.m. | 5 hours, 10 minutes ago
Description : A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application exposes an internal service port to be accessible from outside the system. This could allow an unauthorized attacker to access the application.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40769
Published : Aug. 12, 2025, 12:15 p.m. | 5 hours, 10 minutes ago
Description : A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V3.0). The affected application uses a Content Security Policy that allows unsafe script execution methods. This could allow an attacker to execute unauthorized scripts, potentially leading to cross-site scripting attacks.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40770
Published : Aug. 12, 2025, 12:15 p.m. | 5 hours, 10 minutes ago
Description : A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). The affected application uses a monitoring interface that is not operating in a strictly passive mode. This could allow an attacker to interact with the interface, leading to man-in-the-middle attacks.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-41986 - Siemens Opcenter QL Home, SOA Audit, and SOA Cockpit TLS Insecure Protocol Vulnerability
CVE ID : CVE-2024-41986
Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago
Description : A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 < V2506). The affected application support insecure TLS 1.0 and 1.1 protocol. An attacker could achieve a man-in-the-middle attack and compromise confidentiality and integrity of data.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30033
Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago
Description : The affected setup component is vulnerable to DLL hijacking. This could allow an attacker to execute arbitrary code when a legitimate user installs an application that uses the affected setup component.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30034 - "SIMATIC RTLS Locating Manager Unauthenticated Local Denial of Service"
CVE ID : CVE-2025-30034
Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago
Description : A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected devices do not properly validate input sent to its listening port on the local loopback interface. This could allow an unauthenticated local attacker to cause a denial of service condition.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-33023
Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago
Description : A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions), RUGGEDCOM ROX MX5000RE (All versions), RUGGEDCOM ROX RX1400 (All versions), RUGGEDCOM ROX RX1500 (All versions), RUGGEDCOM ROX RX1501 (All versions), RUGGEDCOM ROX RX1510 (All versions), RUGGEDCOM ROX RX1511 (All versions), RUGGEDCOM ROX RX1512 (All versions), RUGGEDCOM ROX RX1524 (All versions), RUGGEDCOM ROX RX1536 (All versions), RUGGEDCOM ROX RX5000 (All versions). The affected devices do not properly enforce the restriction of files that can be uploaded from the web interface. This could allow an authenticated remote attacker with high privileges in the web interface to upload arbitrary files.
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-40584 - Siemens SIMOTION and SINAMICS XXE File Disclosure Vulnerability
CVE ID : CVE-2025-40584
Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago
Description : A vulnerability has been identified in SIMOTION SCOUT TIA V5.4 (All versions), SIMOTION SCOUT TIA V5.5 (All versions), SIMOTION SCOUT TIA V5.6 (All versions < V5.6 SP1 HF7), SIMOTION SCOUT TIA V5.7 (All versions < V5.7 SP1 HF1), SIMOTION SCOUT V5.4 (All versions), SIMOTION SCOUT V5.5 (All versions), SIMOTION SCOUT V5.6 (All versions < V5.6 SP1 HF7), SIMOTION SCOUT V5.7 (All versions < V5.7 SP1 HF1), SINAMICS STARTER V5.5 (All versions), SINAMICS STARTER V5.6 (All versions), SINAMICS STARTER V5.7 (All versions). The affected application contains a XML External Entity Injection (XXE) vulnerability while parsing specially crafted XML files. This could allow an attacker to read arbitrary files in the system.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40743
Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago
Description : A vulnerability has been identified in SINUMERIK 828D PPU.4 (All versions < V4.95 SP5), SINUMERIK 828D PPU.5 (All versions < V5.25 SP1), SINUMERIK 840D sl (All versions < V4.95 SP5), SINUMERIK MC (All versions < V1.25 SP1), SINUMERIK MC V1.15 (All versions < V1.15 SP5), SINUMERIK ONE (All versions < V6.25 SP1), SINUMERIK ONE V6.15 (All versions < V6.15 SP5). The affected application improperly validates authentication for its VNC access service, allowing access with insufficient password verification.
This could allow an attacker to gain unauthorized remote access and potentially compromise system confidentiality, integrity, or availability.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40746
Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago
Description : A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2). Affected products do not properly validate input for a backup script. This could allow an authenticated remote attacker with high privileges in the application to execute arbitrary code with 'NT Authority/SYSTEM' privileges.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40751
Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago
Description : A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.3). Affected SIMATIC RTLS Locating Manager Report Clients do not properly protect credentials that are used to authenticate to the server. This could allow an authenticated local attacker to extract the credentials and use them to escalate their access rights from the Manager to the Systemadministrator role.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-40752 - SICAM Power Meter Password Storage Vulnerability
CVE ID : CVE-2025-40752
Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago
Description : A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q200 family (All versions >= V2.70 < V2.80). Affected devices store the password for the SMTP account as plain text. This could allow an authenticated local attacker to extract it and use the configured SMTP service for arbitrary purposes.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-40753 - SICAM Power Meter SMTP Password Exposure
CVE ID : CVE-2025-40753
Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago
Description : A vulnerability has been identified in POWER METER SICAM Q100 (7KG9501-0AA01-0AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA01-2AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-0AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q100 (7KG9501-0AA31-2AA1) (All versions >= V2.60 < V2.62), POWER METER SICAM Q200 family (All versions >= V2.70 < V2.80). Affected devices export the password for the SMTP account as plain text in the Configuration File. This could allow an authenticated local attacker to extract it and use the configured SMTP service for arbitrary purposes.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40761
Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago
Description : A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions), RUGGEDCOM ROX MX5000RE (All versions), RUGGEDCOM ROX RX1400 (All versions), RUGGEDCOM ROX RX1500 (All versions), RUGGEDCOM ROX RX1501 (All versions), RUGGEDCOM ROX RX1510 (All versions), RUGGEDCOM ROX RX1511 (All versions), RUGGEDCOM ROX RX1512 (All versions), RUGGEDCOM ROX RX1524 (All versions), RUGGEDCOM ROX RX1536 (All versions), RUGGEDCOM ROX RX5000 (All versions). Affected devices do not properly limit access through its Built-In-Self-Test (BIST) mode.
This could allow an attacker with physical access to the serial interface to bypass authentication and get access to a root shell on the device.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40762
Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago
Description : A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). The affected applications contain an out of bounds write vulnerability when parsing a specially crafted STP file. This could allow an attacker to execute code in the context of the current process.(ZDI-CAN-26692)
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40764
Published : Aug. 12, 2025, 12:15 p.m. | 3 hours, 13 minutes ago
Description : A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). The affected applications contains an out of bounds read vulnerability while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-41984 - Siemens Opcenter QL Home, SOA Audit, and SOA Cockpit Improper Error Handling Exposes System Applications
CVE ID : CVE-2024-41984
Published : Aug. 12, 2025, 12:15 p.m. | 1 hour, 48 minutes ago
Description : A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 < V2506). The affected application improperly handles error while accessing an inaccessible resource leading to exposing the system applications.
Severity: 2.6 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-41985 - Siemens Opcenter QL Home and SOA Session Persistence Vulnerability
CVE ID : CVE-2024-41985
Published : Aug. 12, 2025, 12:15 p.m. | 1 hour, 48 minutes ago
Description : A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 < V2506). The affected application does not expire the session without logout. This could allow an attacker to get unauthorized access if the session is left idle.
Severity: 2.6 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-41983 - Siemens Opcenter QL Home, SOA Audit, and SOA Cockpit SQL Injection Vulnerability
CVE ID : CVE-2024-41983
Published : Aug. 12, 2025, 12:15 p.m. | 22 minutes ago
Description : A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >= V13.2 < V2506), SOA Audit (All versions >= V13.2 < V2506), SOA Cockpit (All versions >= V13.2 < V2506). The affected application displays SQL statement in the error messages encountered during the generation of reports using Cockpit tool.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43736 - Liferay Portal Liferay DXP File Upload Denial Of Service (DOS)
CVE ID : CVE-2025-43736
Published : Aug. 12, 2025, 11:15 a.m. | 53 minutes ago
Description : A Denial Of Service via File Upload (DOS) vulnerability in the Liferay Portal 7.4.3.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.8, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.16 and 7.4 GA through update 92 allows a user to upload more than 300kb profile picture into the user profile. This size more than the noted max 300kb size. This extra amount of data can make Liferay slower.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8885 - Bouncy Castle for Java Resource Allocation Denial of Service
CVE ID : CVE-2025-8885
Published : Aug. 12, 2025, 10:15 a.m. | 1 hour, 53 minutes ago
Description : Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/core/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.Java.
This issue affects Bouncy Castle for Java: from BC 1.0 through 1.77, from BC-FJA 1.0.0 through 2.0.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-26398
Published : Aug. 12, 2025, 8:15 a.m. | 3 hours, 53 minutes ago
Description : SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If exploited, this vulnerability could lead to a machine-in-the-middle (MITM) attack against users. This vulnerability requires additional software not installed by default, local access to the server and administrator level privileges on the host.
Severity: 5.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41686 - Microsoft NSSM Elevation of Privilege
CVE ID : CVE-2025-41686
Published : Aug. 12, 2025, 8:15 a.m. | 3 hours, 53 minutes ago
Description : A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their privileges and gain administrative access.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47444 - Liquid Web GiveWP Sensitive Data Retrieval Vulnerability
CVE ID : CVE-2025-47444
Published : Aug. 12, 2025, 7:15 a.m. | 4 hours, 53 minutes ago
Description : Insertion of Sensitive Information Into Sent Data vulnerability in Liquid Web GiveWP allows Retrieve Embedded Sensitive Data.This issue affects GiveWP: from n/a before 4.6.1.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8418
Published : Aug. 12, 2025, 7:15 a.m. | 4 hours, 53 minutes ago
Description : The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Arbitrary Plugin Installation in all versions up to, and including, 1.1.30. This is due to missing capability checks on the activated_plugin function. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins on the server which can make remote code execution possible.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8482 - WordPress Simple Local Avatars Unauthenticated Data Modification Vulnerability
CVE ID : CVE-2025-8482
Published : Aug. 12, 2025, 7:15 a.m. | 4 hours, 53 minutes ago
Description : The Simple Local Avatars plugin for WordPress is vulnerable to unauthorized modification of data in version 2.8.4. This is due to a missing capability check on the migrate_from_wp_user_avatar() function. This makes it possible for authenticated attackers, with subscriber-level access and above, to migrate avatar metadata for all users.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8767 - WordPress AnWP Football Leagues Plugin CSV Injection Vulnerability
CVE ID : CVE-2025-8767
Published : Aug. 12, 2025, 7:15 a.m. | 4 hours, 53 minutes ago
Description : The AnWP Football Leagues plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 0.16.17 via the 'download_csv_players' and 'download_csv_games' functions. This makes it possible for authenticated attackers, with Administrator-level access and above, to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8874
Published : Aug. 12, 2025, 7:15 a.m. | 4 hours, 53 minutes ago
Description : The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 2.0.8.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30027
Published : Aug. 12, 2025, 6:15 a.m. | 5 hours, 53 minutes ago
Description : An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3892
Published : Aug. 12, 2025, 6:15 a.m. | 5 hours, 53 minutes ago
Description : ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6253 - "UiCore Elements WordPress Arbitrary File Read Vulnerability"
CVE ID : CVE-2025-6253
Published : Aug. 12, 2025, 6:15 a.m. | 5 hours, 53 minutes ago
Description : The UiCore Elements – Free Elementor widgets and templates plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.3.0 via the prepare_template() function due to a missing capability check and insufficient controls on the filename specified. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8081
Published : Aug. 12, 2025, 6:15 a.m. | 5 hours, 53 minutes ago
Description : The Elementor plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.30.2 via the Import_Images::import() function due to insufficient controls on the filename specified. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7622
Published : Aug. 12, 2025, 5:15 a.m. | 6 hours, 53 minutes ago
Description : During an internal security assessment, a Server-Side Request Forgery (SSRF) vulnerability that allowed an authenticated attacker to access internal resources on the server was discovered.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8059 - WordPress B Blocks Privilege Escalation
CVE ID : CVE-2025-8059
Published : Aug. 12, 2025, 5:15 a.m. | 6 hours, 53 minutes ago
Description : The B Blocks plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization and improper input validation within the rgfr_registration() function in all versions up to, and including, 2.0.6. This makes it possible for unauthenticated attackers to create a new account and assign it the administrator role.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8314
Published : Aug. 12, 2025, 5:15 a.m. | 6 hours, 53 minutes ago
Description : The Software Issue Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘noaccess_msg parameter in all versions up to, and including, 5.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-42976 - SAP NetWeaver Application Server ABAP Buffer Overflow
CVE ID : CVE-2025-42976
Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago
Description : SAP NetWeaver Application Server ABAP (BIC Document) allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. On successful exploitation, this results in the crash of the target component. Multiple submissions can make the target completely unavailable. A similarly crafted submission can be used to perform an out-of-bounds read operation as well, revealing sensitive information that is loaded in memory at that time. There is no ability to modify any information.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-4390 - WordPress Private Content Plus Sensitive Information Exposure
CVE ID : CVE-2025-4390
Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago
Description : The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'validate_restrictions' function. This makes it possible for unauthenticated attackers to extract sensitive data including the content of resticted posts on archive and feed pages.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5391
Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago
Description : The WooCommerce Purchase Orders plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_file() function in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8462
Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago
Description : The RT Easy Builder – Advanced addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the social URL parameter in all versions up to, and including, 2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8568
Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago
Description : The GMap Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘h’ parameter in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8621 - Mosaic Generator Stored Cross-Site Scripting Vulnerability in WordPress
CVE ID : CVE-2025-8621
Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago
Description : The Mosaic Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘c’ parameter in all versions up to, and including, 1.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8685
Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago
Description : The Wp chart generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpchart shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8688
Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago
Description : The Inline Stock Quotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's stock shortcode in all versions up to, and including, 0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8690
Published : Aug. 12, 2025, 3:15 a.m. | 8 hours, 53 minutes ago
Description : The Simple Responsive Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-42957 - SAP S/4HANA ABAP Code Injection Backdoor Vulnerability
CVE ID : CVE-2025-42957
Published : Aug. 12, 2025, 3:15 a.m. | 6 hours, 57 minutes ago
Description : SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system compromise, undermining the confidentiality, integrity and availability of the system.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-42975 - SAP NetWeaver Application Server ABAP Cross-Site Scripting (XSS)
CVE ID : CVE-2025-42975
Published : Aug. 12, 2025, 3:15 a.m. | 6 hours, 57 minutes ago
Description : SAP NetWeaver Application Server ABAP (BIC Document) allows an unauthenticated attacker to craft a URL link which, when accessed on the BIC Document application, embeds a malicious script. When a victim clicks on this link, the script executes in the victim's browser, allowing the attacker to access and/or modify information related to the web client without affecting availability.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-42951 - SAP Business One (SLD) Privilege Escalation Vulnerability
CVE ID : CVE-2025-42951
Published : Aug. 12, 2025, 3:15 a.m. | 4 hours, 53 minutes ago
Description : Due to broken authorization, SAP Business One (SLD) allows an authenticated attacker to gain administrator privileges of a database by invoking the corresponding API.�As a result , it has a high impact on the confidentiality, integrity, and availability of the application.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-42955 - SAP Cloud Connector LDAP Connection Testing Information Disclosure
CVE ID : CVE-2025-42955
Published : Aug. 12, 2025, 3:15 a.m. | 4 hours, 53 minutes ago
Description : Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network with low privileges could send a crafted request to the endpoint responsible for testing LDAP connections. A successful exploit could lead to reduced performance, hence a low-impact on availability of the service. Confidentiality and integrity of the data are not affected.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-42936 - SAP NetWeaver Application Server for ABAP Privilege Escalation Vulnerability
CVE ID : CVE-2025-42936
Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago
Description : The SAP NetWeaver Application Server for ABAP does not enable an administrator to assign distinguished authorizations for different user roles, this issue allows authenticated users to access restricted objects in the barcode interface, leading to privilege escalation. This results in a low impact on the confidentiality and integrity of the application, there is no impact on availability.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-42942 - SAP NetWeaver Application Server for ABAP Cross-Site Scripting (XSS)
CVE ID : CVE-2025-42942
Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago
Description : SAP NetWeaver Application Server for ABAP has cross-site scripting vulnerability. Due to this, an unauthenticated attacker could craft a URL embedded with malicious script and trick an unauthenticated victim to click on it to execute the script. Upon successful exploitation, the attacker could access and modify limited information within the scope of victim's browser. This vulnerability has no impact on availability of the application.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-42943 - SAP GUI for Windows NTLM Hash Leak
CVE ID : CVE-2025-42943
Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago
Description : SAP GUI for Windows may allow the leak of NTML hashes when specific ABAP frontend services are called with UNC paths. For a successful attack, the attacker needs developer authorization in a specific Application Server ABAP to make changes in the code, and the victim needs to execute by using SAP GUI for Windows. This could trigger automatic NTLM authentication, potentially exposing hashed credentials to an attacker. As a result, it has a high impact on the confidentiality.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-42945 - SAP NetWeaver Application Server ABAP HTML Injection Vulnerability
CVE ID : CVE-2025-42945
Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago
Description : SAP NetWeaver Application Server ABAP has HTML injection vulnerability. Due to this, an attacker could craft a URL with malicious script as payload and trick a victim with active user session into executing it. Upon successful exploit, this vulnerability could lead to limited access to data or its manipulation. There is no impact on availability.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-42946 - SAP S/4HANA (Bank Communication Management) Directory Traversal Vulnerability
CVE ID : CVE-2025-42946
Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago
Description : Due to directory traversal vulnerability in SAP S/4HANA (Bank Communication Management), an attacker with high privileges and access to a specific transaction and method in Bank Communication Management could gain unauthorized access to sensitive operating system files. This could allow the attacker to potentially read or delete these files hence causing a high impact on confidentiality and low impact on integrity. There is no impact on availability of the system.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-42948 - SAP NetWeaver ABAP Platform Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-42948
Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago
Description : Due to a Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated user clicks on this link, the injected input is processed during the website�s page generation, resulting in the creation of malicious content. When this malicious content gets executed, the attacker could gain the ability to access/modify information within the scope of victim�s browser.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-42949
Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago
Description : Due to a missing authorization check in the ABAP Platform, an authenticated user with elevated privileges could bypass authorization restrictions for common transactions by leveraging the SQL Console. This could enable an attacker to access and read the contents of database tables without proper authorization, leading to a significant compromise of data confidentiality. However, the integrity and availability of the system remain unaffected.
Severity: 4.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-42950 - SAP SLT ABAP Code Injection Vulnerability
CVE ID : CVE-2025-42950
Published : Aug. 12, 2025, 3:15 a.m. | 3 hours, 44 minutes ago
Description : SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system compromise, undermining the confidentiality, integrity and availability of the system.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-42934 - SAP S/4HANA CRLF Injection Vulnerability
CVE ID : CVE-2025-42934
Published : Aug. 12, 2025, 3:15 a.m. | 1 hour, 44 minutes ago
Description : SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. An attacker with user-level privileges can bypass the allowlist and insert untrusted sites into the 'Trusted Sites' configuration by injecting line feed (LF) characters into application inputs. This vulnerability has a low impact on the application's integrity and no impact on confidentiality or availability.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-42935 - SAP NetWeaver Application Server ABAP and ABAP Platform ICM Information Disclosure Vulnerability
CVE ID : CVE-2025-42935
Published : Aug. 12, 2025, 3:15 a.m. | 1 hour, 44 minutes ago
Description : The SAP NetWeaver Application Server ABAP and ABAP Platform Internet Communication Manager (ICM) permits authorized users with admin privileges and local access to log files to read sensitive information, resulting in information disclosure. This leads to high impact on the confidentiality of the application, with no impact on integrity or availability.
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55161
Published : Aug. 11, 2025, 11:15 p.m. | 5 hours, 44 minutes ago
Description : Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/markdown/pdf endpoint to convert Markdown to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security sanitization which can be bypassed and result in SSRF. This issue has been patched in version 1.1.0.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55156
Published : Aug. 11, 2025, 11:15 p.m. | 3 hours, 21 minutes ago
Description : pyLoad is the free and open-source Download Manager written in pure Python. Prior to version 0.5.0b3.dev91, the parameter add_links in API /json/add_package is vulnerable to SQL Injection. Attackers can modify or delete data in the database, causing data errors or loss. This issue has been patched in version 0.5.0b3.dev91.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55157
Published : Aug. 11, 2025, 11:15 p.m. | 3 hours, 21 minutes ago
Description : Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1400, When processing nested tuples in Vim script, an error during evaluation can trigger a use-after-free in Vim’s internal tuple reference management. Specifically, the tuple_unref() function may access already freed memory due to improper lifetime handling, leading to memory corruption. The exploit requires direct user interaction, as the script must be explicitly executed within Vim. This issue has been patched in version 9.1.1400.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55158 - Vim Double-Free Typval Management Vulnerability
CVE ID : CVE-2025-55158
Published : Aug. 11, 2025, 11:15 p.m. | 3 hours, 21 minutes ago
Description : Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value (typval_T) management. Specifically, the clear_tv() function may attempt to free memory that has already been deallocated, due to improper lifetime handling in the handle_import / ex_import code paths. The vulnerability can only be triggered if a user explicitly opens and executes a specially crafted Vim script. This issue has been patched in version 9.1.1406.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55159
Published : Aug. 11, 2025, 11:15 p.m. | 3 hours, 21 minutes ago
Description : slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the get_disjoint_mut method incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potential crashes. This has been fixed in slab 0.4.11. A workaround for this issue involves to avoid using get_disjoint_mut with indices that might be beyond the slab's actual length.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-25235
Published : Aug. 11, 2025, 10:15 p.m. | 4 hours, 21 minutes ago
Description : Server-Side Request Forgery (SSRF) in Omnissa Secure Email Gateway (SEG) in SEG prior to 2.32 running on Windows and SEG prior to 2503 running on UAG allows routing of network traffic such as HTTP requests to internal networks.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54992
Published : Aug. 11, 2025, 10:15 p.m. | 4 hours, 21 minutes ago
Description : OpenKilda is an open-source OpenFlow controller. Prior to version 1.164.0, an XML external entity (XXE) injection vulnerability was found in OpenKilda which in combination with GHSL-2025-024 allows unauthenticated attackers to exfiltrate information from the instance where the OpenKilda UI is running. This issue may lead to Information disclosure. This issue has been patched in version 1.164.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55012
Published : Aug. 11, 2025, 10:15 p.m. | 4 hours, 21 minutes ago
Description : Zed is a multiplayer code editor. Prior to version 0.197.3, in the Zed Agent Panel allowed for an AI agent to achieve Remote Code Execution (RCE) by bypassing user permission checks. An AI Agent could have exploited a permissions bypass vulnerability to create or modify a project-specific configuration file, leading to the execution of arbitrary commands on a victim's machine without the explicit approval that would otherwise be required. This vulnerability has been patched in version 0.197.3. A workaround for this issue involves either avoid sending prompts to the Agent Panel, or to limit the AI Agent's file system access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55150
Published : Aug. 11, 2025, 10:15 p.m. | 4 hours, 21 minutes ago
Description : Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/html/pdf endpoint to convert HTML to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security sanitization which can be bypassed and result in SSRF. This issue has been patched in version 1.1.0.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55151
Published : Aug. 11, 2025, 10:15 p.m. | 4 hours, 21 minutes ago
Description : Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, the "convert file to pdf" functionality (/api/v1/convert/file/pdf) uses LibreOffice's unoconvert tool for conversion, and SSRF vulnerabilities exist during the conversion process. This issue has been patched in version 1.1.0.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-32640 - MASA CMS SQL Injection Vulnerability
CVE ID : CVE-2024-32640
Published : Aug. 11, 2025, 9:15 p.m. | 5 hours, 21 minutes ago
Description : MASA CMS is an Enterprise Content Management platform based on open source technology. Versions prior to 7.4.6, 7.3.13, and 7.2.8 contain a SQL injection vulnerability in the `processAsyncObject` method that can result in remote code execution. Versions 7.4.6, 7.3.13, and 7.2.8 contain a fix for the issue.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-40920
Published : Aug. 11, 2025, 9:15 p.m. | 5 hours, 21 minutes ago
Description : Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. * Data::UUID does not use a strong cryptographic source for generating UUIDs.
* Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable for security, as per RFC 9562.
* The nonces should be generated from a strong cryptographic source, as per RFC 7616.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54878 - NASA CryptoLib Heap Buffer Overflow Vulnerability
CVE ID : CVE-2025-54878
Published : Aug. 11, 2025, 9:15 p.m. | 5 hours, 21 minutes ago
Description : CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A heap buffer overflow vulnerability exists in NASA CryptoLib version 1.4.0 and prior in the IV setup logic for telecommand frames. The problem arises from missing bounds checks when copying the Initialization Vector (IV) into a freshly allocated buffer. An attacker can supply a crafted TC frame that causes the library to write one byte past the end of the heap buffer, leading to heap corruption and undefined behaviour. An attacker supplying a malformed telecommand frame can corrupt heap memory. This leads to undefined behaviour, which could manifest itself as a crash (denial of service) or more severe exploitation. This issue has been patched in version 1.4.0.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53190
Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago
Description : A vulnerability in ABB Aspect.This issue affects Aspect: before <3.08.04-s01.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53191 - ABB Aspect Missing Authentication for Critical Function Vulnerability
CVE ID : CVE-2025-53191
Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago
Description : Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects Aspect: before <3.08.04-s01.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53514 - Mattermost Confluence Plugin Denial of Service (DoS)
CVE ID : CVE-2025-53514
Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago
Description : Mattermost Confluence Plugin version <1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53857 - Mattermost Confluence Plugin Information Disclosure Vulnerability
CVE ID : CVE-2025-53857
Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago
Description : Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via API call to the GET autocomplete/GetChannelSubscriptions endpoint.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53910
Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago
Description : Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to create a channel subscription without proper access to the channel via API call to the edit channel subscription endpoint.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54458
Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago
Description : Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the Confluence space which allows attackers to create a subscription for a Confluence space the user does not have access to via the create subscription endpoint.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54463 - Mattermost Confluence Plugin Denial of Service (DoS)
CVE ID : CVE-2025-54463
Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago
Description : Mattermost Confluence Plugin version <1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54478
Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago
Description : Mattermost Confluence Plugin version <1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to edit channel subscriptions via API call to the edit channel subscription endpoint.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54525 - Mattermost Confluence Plugin Denial of Service (DoS)
CVE ID : CVE-2025-54525
Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago
Description : Mattermost Confluence Plugin version <1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to create channel subscription endpoint with an invalid request body.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7677 - "ABB Aspect Missing Authentication for Critical Function"
CVE ID : CVE-2025-7677
Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago
Description : Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects Aspect: All versions.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7679 - ABB Aspect Missing Authentication for Critical Function
CVE ID : CVE-2025-7679
Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago
Description : Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects Aspect: All versions.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8285
Published : Aug. 11, 2025, 7:15 p.m. | 7 hours, 21 minutes ago
Description : Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to create channel subscription without proper access to the channel via API call to the create channel subscription endpoint.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51823
Published : Aug. 11, 2025, 7:15 p.m. | 3 hours, 21 minutes ago
Description : libcsp 2.0 is vulnerable to Buffer Overflow in the csp_eth_init() function due to improper handling of the ifname parameter. The function uses strcpy to copy the interface name into a structure member (ctx->name) without validating the input length.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51824
Published : Aug. 11, 2025, 7:15 p.m. | 3 hours, 21 minutes ago
Description : libcsp 2.0 is vulnerable to Buffer Overflow in the csp_usart_open() function at drivers/usart/zephyr.c.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52931 - Mattermost Confluence Plugin Denial of Service (DoS)
CVE ID : CVE-2025-52931
Published : Aug. 11, 2025, 7:15 p.m. | 3 hours, 21 minutes ago
Description : Mattermost Confluence Plugin version <1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to update channel subscription endpoint with an invalid request body.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53188
Published : Aug. 11, 2025, 7:15 p.m. | 3 hours, 21 minutes ago
Description : Insufficiently Protected Credentials vulnerability in ABB Aspect.This issue affects Aspect: before <3.08.04-s01.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53189 - ABB Aspect Authorization Bypass Through User-Controlled Key Vulnerability
CVE ID : CVE-2025-53189
Published : Aug. 11, 2025, 7:15 p.m. | 3 hours, 21 minutes ago
Description : Authorization Bypass Through User-Controlled Key vulnerability in ABB Aspect.This issue affects Aspect: from o before <3.08.04-s01.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-25229 - VMware Workspace ONE UEM SSRF Vulnerability
CVE ID : CVE-2025-25229
Published : Aug. 11, 2025, 7:15 p.m. | 2 hours, 30 minutes ago
Description : Omnissa Workspace ONE UEM contains a Server-Side Request Forgery (SSRF) Vulnerability. A malicious actor with user privileges may be able to access restricted internal system information, potentially enabling enumeration of internal network resources.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-44001 - Mattermost Confluence Plugin Unauthenticated Channel Subscription Information Disclosure
CVE ID : CVE-2025-44001
Published : Aug. 11, 2025, 7:15 p.m. | 2 hours, 30 minutes ago
Description : Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via API call to the Get Channel Subscriptions details endpoint.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-44004
Published : Aug. 11, 2025, 7:15 p.m. | 2 hours, 30 minutes ago
Description : Mattermost Confluence Plugin version <1.5.0 fails to check the authorization of the user to the Mattermost instance which allows attackers to create a channel subscription without proper authorization via API call to the create channel subscription endpoint.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48731
Published : Aug. 11, 2025, 7:15 p.m. | 2 hours, 30 minutes ago
Description : Mattermost Confluence Plugin version <1.5.0 fails to check the access of the user to the Confluence space which allows attackers to edit a subscription for a Confluence space the user does not have access for via edit subscription endpoint.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-49221
Published : Aug. 11, 2025, 7:15 p.m. | 2 hours, 30 minutes ago
Description : Mattermost Confluence Plugin version <1.5.0 fails to enforce authentication of the user to the Mattermost instance which allows unauthenticated attackers to access subscription details without via API call to GET subscription endpoint.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-25231 - VMware Workspace ONE UEM Path Traversal Information Disclosure
CVE ID : CVE-2025-25231
Published : Aug. 11, 2025, 6:15 p.m. | 2 hours, 20 minutes ago
Description : Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious actor may be able to gain access to sensitive information by sending crafted GET requests (read-only) to restricted API endpoints.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53187
Published : Aug. 11, 2025, 6:15 p.m. | 2 hours, 20 minutes ago
Description : Improper Control of Generation of Code ('Code Injection') vulnerability in ABB ASPECT.This issue affects ASPECT: before <3.08.04-s01.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54063
Published : Aug. 11, 2025, 6:15 p.m. | 2 hours, 20 minutes ago
Description : Cherry Studio is a desktop client that supports for multiple LLM providers. From versions 1.4.8 to 1.5.0, there is a one-click remote code execution vulnerability through the custom URL handling. An attacker can exploit this by hosting a malicious website or embedding a specially crafted URL on any website. If a victim clicks the exploit link in their browser, the app’s custom URL handler is triggered, leading to remote code execution on the victim’s machine. This issue has been patched in version 1.5.1.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8866
Published : Aug. 11, 2025, 5:15 p.m. | 1 hour, 20 minutes ago
Description : YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster/universe API endpoint. An unauthenticated attacker could exploit this flaw to obtain server networking configuration details, including private and public IP addresses and DNS records.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-38499
Published : Aug. 11, 2025, 4:15 p.m. | 2 hours, 20 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns
What we want is to verify there is that clone won't expose something
hidden by a mount we wouldn't be able to undo. "Wouldn't be able to undo"
may be a result of MNT_LOCKED on a child, but it may also come from
lacking admin rights in the userns of the namespace mount belongs to.
clone_private_mnt() checks the former, but not the latter.
There's a number of rather confusing CAP_SYS_ADMIN checks in various
userns during the mount, especially with the new mount API; they serve
different purposes and in case of clone_private_mnt() they usually,
but not always end up covering the missing check mentioned above.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-45146 - ModelCache for LLM Deserialization Vulnerability
CVE ID : CVE-2025-45146
Published : Aug. 11, 2025, 4:15 p.m. | 2 hours, 20 minutes ago
Description : ModelCache for LLM through v0.2.0 was discovered to contain an deserialization vulnerability via the component /manager/data_manager.py. This vulnerability allows attackers to execute arbitrary code via supplying crafted data.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10037
Published : Aug. 11, 2025, 3:15 p.m. | 3 hours, 20 minutes ago
Description : PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez GET parameter is unsafely passed to the exec() function without sanitization. A remote attacker can inject arbitrary shell commands, leading to code execution under the web server's context. No authentication is required.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10038 - Auxilium RateMyPet Unauthenticated Remote Code Execution (RCE) via File Upload
CVE ID : CVE-2012-10038
Published : Aug. 11, 2025, 3:15 p.m. | 3 hours, 20 minutes ago
Description : Auxilium RateMyPet contains an unauthenticated arbitrary file upload vulnerability in upload_banners.php. The banner upload feature fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files. These files are stored in a web-accessible /banners/ directory and can be executed directly, resulting in remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10039 - ZEN Load Balancer Root Code Execution Vulnerability
CVE ID : CVE-2012-10039
Published : Aug. 11, 2025, 3:15 p.m. | 3 hours, 20 minutes ago
Description : ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection vulnerability in content2-2.cgi. The filelog parameter is passed directly into a backtick-delimited exec() call without sanitation. An authenticated attacker can inject arbitrary shell commands, resulting in remote code execution as the root user. ZEN Load Balancer is the predecessor of ZEVENET and SKUDONET. The affected versions (2.0 and 3.0-rc1) are no longer supported. SKUDONET CE is the current community-maintained successor.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10040
Published : Aug. 11, 2025, 3:15 p.m. | 3 hours, 20 minutes ago
Description : Openfiler v2.x contains a command injection vulnerability in the system.html page. The device parameter is used to instantiate a NetworkCard object, whose constructor in network.inc calls exec() with unsanitized input. An authenticated attacker can exploit this to execute arbitrary commands as the openfiler user. Due to misconfigured sudoers, the openfiler user can escalate privileges to root via sudo /bin/bash without a password.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8859
Published : Aug. 11, 2025, 3:15 p.m. | 3 hours, 20 minutes ago
Description : A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is an unknown functionality of the file /native/admin/save-slider.php of the component File Upload Module. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8865 - YugabyteDB YCQL DoS Denial of Service
CVE ID : CVE-2025-8865
Published : Aug. 11, 2025, 3:15 p.m. | 3 hours, 20 minutes ago
Description : The YugabyteDB tablet server contains a flaw in its YCQL query handling that can trigger a null pointer dereference when processing certain malformed inputs. An authenticated attacker could exploit this issue to crash the YCQL tablet server, resulting in a denial of service.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8851
Published : Aug. 11, 2025, 2:15 p.m. | 4 hours, 20 minutes ago
Description : A vulnerability was determined in LibTIFF up to 4.5.1. Affected by this issue is the function readSeparateStripsetoBuffer of the file tools/tiffcrop.c of the component tiffcrop. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The patch is identified as 8a7a48d7a645992ca83062b3a1873c951661e2b3. It is recommended to apply a patch to fix this issue.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8852 - WuKongOpenSource WukongCRM File Upload API Response Handler Information Exposure Vulnerability
CVE ID : CVE-2025-8852
Published : Aug. 11, 2025, 2:15 p.m. | 4 hours, 20 minutes ago
Description : A vulnerability was identified in WuKongOpenSource WukongCRM 11.0. This affects an unknown part of the file /adminFile/upload of the component API Response Handler. The manipulation leads to information exposure through error message. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8864
Published : Aug. 11, 2025, 2:15 p.m. | 4 hours, 20 minutes ago
Description : Shared Access Signature token is not masked in the backup configuration response and is also exposed in the yb_backup logs
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8672 - GIMP for MacOS Local Privilege Escalation
CVE ID : CVE-2025-8672
Published : Aug. 11, 2025, 1:15 p.m. | 5 hours, 20 minutes ago
Description : MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions
granted by the user to the main application bundle. An attacker with local user access can
invoke this interpreter with arbitrary commands or scripts, leveraging the
application's previously granted TCC permissions to access user's files in privacy-protected folders without triggering user prompts. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of GIMP, potentially disguising attacker's malicious intent.
This issue has been fixed in 3.1.4.2 version of GIMP.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8845
Published : Aug. 11, 2025, 1:15 p.m. | 5 hours, 20 minutes ago
Description : A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8846
Published : Aug. 11, 2025, 1:15 p.m. | 5 hours, 20 minutes ago
Description : A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8847
Published : Aug. 11, 2025, 1:15 p.m. | 5 hours, 20 minutes ago
Description : A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. Affected by this vulnerability is the function Edit of the file /system/notice/edit. The manipulation of the argument noticeTitle/noticeContent leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8862 - YugabyteDB Information Disclosure Vulnerability
CVE ID : CVE-2025-8862
Published : Aug. 11, 2025, 1:15 p.m. | 5 hours, 20 minutes ago
Description : YugabyteDB has been collecting diagnostics information from YugabyteDB servers, which may include sensitive gflag configurations. To mitigate this, we recommend upgrading the database to a version where this information is properly redacted.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8863
Published : Aug. 11, 2025, 1:15 p.m. | 5 hours, 20 minutes ago
Description : YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data during transmission
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8844
Published : Aug. 11, 2025, 12:15 p.m. | 6 hours, 20 minutes ago
Description : A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parse_smacro_template of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8842 - NASM Netwide Assembler Use After Free Vulnerability
CVE ID : CVE-2025-8842
Published : Aug. 11, 2025, 11:15 a.m. | 7 hours, 20 minutes ago
Description : A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected by this issue is the function do_directive of the file preproc.c. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8843
Published : Aug. 11, 2025, 11:15 a.m. | 7 hours, 20 minutes ago
Description : A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8841
Published : Aug. 11, 2025, 10:15 a.m. | 8 hours, 20 minutes ago
Description : A vulnerability was identified in zlt2000 microservices-platform up to 6.0.0. Affected by this vulnerability is the function Upload of the file zlt-business/file-center/src/main/java/com/central/file/controller/FileController.java. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8840
Published : Aug. 11, 2025, 10:15 a.m. | 7 hours, 54 minutes ago
Description : A vulnerability was determined in jshERP up to 3.5. Affected is an unknown function of the file /jshERP-boot/user/deleteBatch of the component Endpoint. The manipulation of the argument ids leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Different than CVE-2025-7947.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8839
Published : Aug. 11, 2025, 9:15 a.m. | 8 hours, 55 minutes ago
Description : A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8853 - 2100 Technology Official Document Management System Authentication Bypass
CVE ID : CVE-2025-8853
Published : Aug. 11, 2025, 9:15 a.m. | 8 hours, 55 minutes ago
Description : Official Document Management System developed by 2100 Technology has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to obtain any user's connection token and use it to log into the system as that user.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8838 - WinterChenS my-site PreHandle Uri Improper Authentication Remote Vulnerability
CVE ID : CVE-2025-8838
Published : Aug. 11, 2025, 9:15 a.m. | 7 hours, 57 minutes ago
Description : A vulnerability has been found in WinterChenS my-site up to 1f7525f15934d9d6a278de967f6ec9f1757738d8. This vulnerability affects the function preHandle of the file /admin/ of the component Backend Interface. The manipulation of the argument uri leads to improper authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The code maintainer responded to the issue that "[he] tried it, and using this link automatically redirects to the login page."
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8836
Published : Aug. 11, 2025, 8:15 a.m. | 7 hours, 37 minutes ago
Description : A vulnerability was determined in JasPer up to 4.2.5. Affected by this issue is the function jpc_floorlog2 of the file src/libjasper/jpc/jpc_enc.c of the component JPEG2000 Encoder. The manipulation leads to reachable assertion. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 79185d32d7a444abae441935b20ae4676b3513d4. It is recommended to apply a patch to fix this issue.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8837 - JasPer JPEG2000 File Handler Use After Free Vulnerability
CVE ID : CVE-2025-8837
Published : Aug. 11, 2025, 8:15 a.m. | 7 hours, 37 minutes ago
Description : A vulnerability was identified in JasPer up to 4.2.5. This affects the function jpc_dec_dump of the file src/libjasper/jpc/jpc_dec.c of the component JPEG2000 File Handler. The manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named 8308060d3fbc1da10353ac8a95c8ea60eba9c25a. It is recommended to apply a patch to fix this issue.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8660
Published : Aug. 11, 2025, 8:15 a.m. | 6 hours, 25 minutes ago
Description : Privilege escalation occurs when a user gets access to more resources or functionality than they are normally allowed.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8661
Published : Aug. 11, 2025, 8:15 a.m. | 6 hours, 25 minutes ago
Description : A stored Cross-Site Scripting vulnerability (XSS) occurs when the server does not properly validate or encode the data entered by the user.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8747 - Keras Safe Mode Bypass Arbitrary Code Execution
CVE ID : CVE-2025-8747
Published : Aug. 11, 2025, 8:15 a.m. | 6 hours, 25 minutes ago
Description : A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted `.keras` model archive.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8833 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-8833
Published : Aug. 11, 2025, 7:15 a.m. | 7 hours, 25 minutes ago
Description : A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function langSwitchBack of the file /goform/langSwitchBack. The manipulation of the argument langSelectionOnly leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8834
Published : Aug. 11, 2025, 7:15 a.m. | 7 hours, 25 minutes ago
Description : A vulnerability has been found in JCG Link-net LW-N915R 17s.20.001.908. Affected is an unknown function of the file /wireless/basic.asp of the component Wireless Basic Settings Page. The manipulation of the argument Network Name leads to cross site scripting. It is possible to launch the attack remotely.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8835 - JasPer Jas Image Color Space Conversion Handler Null Pointer Dereference
CVE ID : CVE-2025-8835
Published : Aug. 11, 2025, 7:15 a.m. | 7 hours, 25 minutes ago
Description : A vulnerability was found in JasPer up to 4.2.5. Affected by this vulnerability is the function jas_image_chclrspc of the file src/libjasper/base/jas_image.c of the component Image Color Space Conversion Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of the patch is bb7d62bd0a2a8e0e1fdb4d603f3305f955158c52. It is recommended to apply a patch to fix this issue.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7965
Published : Aug. 11, 2025, 6:15 a.m. | 7 hours, 32 minutes ago
Description : The CBX Restaurant Booking WordPress plugin through 1.2.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8832
Published : Aug. 11, 2025, 6:15 a.m. | 7 hours, 32 minutes ago
Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function setDMZ of the file /goform/setDMZ. The manipulation of the argument DMZIPAddress leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8854
Published : Aug. 11, 2025, 5:15 a.m. | 8 hours, 32 minutes ago
Description : Stack-based buffer overflow in LoadOFF in bulletphysics bullet3 before 3.26 on all platforms allows remote attackers to execute arbitrary code via a crafted OFF file with an overlong initial token processed by the VHACD test utility or invoked indirectly through PyBullet's vhacd function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8830 - Linksys Router Os Command Injection Vulnerability
CVE ID : CVE-2025-8830
Published : Aug. 11, 2025, 5:15 a.m. | 8 hours, 13 minutes ago
Description : A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function sub_3517C of the file /goform/setWan. The manipulation of the argument Hostname leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8831
Published : Aug. 11, 2025, 5:15 a.m. | 8 hours, 13 minutes ago
Description : A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function remoteManagement of the file /goform/remoteManagement. The manipulation of the argument portNumber leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27577
Published : Aug. 11, 2025, 4:15 a.m. | 9 hours, 13 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8827 - Linksys Router Remote Os Command Injection Vulnerability
CVE ID : CVE-2025-8827
Published : Aug. 11, 2025, 4:15 a.m. | 9 hours, 13 minutes ago
Description : A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function um_inspect_cross_band of the file /goform/RP_setBasicAuto. The manipulation of the argument staticGateway leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8828 - Linksys RE Series IPv6 Command Injection Vulnerability
CVE ID : CVE-2025-8828
Published : Aug. 11, 2025, 4:15 a.m. | 9 hours, 13 minutes ago
Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function ipv6cmd of the file /goform/setIpv6. The manipulation of the argument Ipv6PriDns/Ipv6SecDns/Ipv6StaticGateway/LanIpv6Addr/LanPrefixLen/pppoeUser/pppoePass/pppoeIdleTime/pppoeRedialPeriod/Ipv6in4_PrefixLen/LocalIpv6/RemoteIpv4/LanIPv6_Prefix/LanPrefixLen/ipv6to4Relay/ipv6rdRelay/tunrd_PrefixLen/wan_UseLinkLocal/Ipv6StaticIp/Ipv6PrefixLen leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8829 - Linksys Wireless Router OS Command Injection Vulnerability
CVE ID : CVE-2025-8829
Published : Aug. 11, 2025, 4:15 a.m. | 9 hours, 13 minutes ago
Description : A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function um_red of the file /goform/RP_setBasicAuto. The manipulation of the argument hname leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27562
Published : Aug. 11, 2025, 4:15 a.m. | 7 hours, 52 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27128 - OpenHarmony TCB Use After Free Arbitrary Code Execution
CVE ID : CVE-2025-27128
Published : Aug. 11, 2025, 4:15 a.m. | 7 hours, 13 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27536
Published : Aug. 11, 2025, 4:15 a.m. | 7 hours, 13 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through type confusion.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-25278
Published : Aug. 11, 2025, 4:15 a.m. | 5 hours, 31 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-26690 - OpenHarmony NULL Pointer Dereference Denial of Service Vulnerability
CVE ID : CVE-2025-26690
Published : Aug. 11, 2025, 4:15 a.m. | 5 hours, 31 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24844 - OpenHarmony Memory Leaking DOS Vulnerability
CVE ID : CVE-2025-24844
Published : Aug. 11, 2025, 4:15 a.m. | 4 hours, 18 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24925 - OpenHarmony Memory Leaks Denial of Service Vulnerability
CVE ID : CVE-2025-24925
Published : Aug. 11, 2025, 4:15 a.m. | 4 hours, 18 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-25212 - OpenHarmony Denial of Service Vulnerability
CVE ID : CVE-2025-25212
Published : Aug. 11, 2025, 4:15 a.m. | 4 hours, 18 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24298
Published : Aug. 11, 2025, 4:15 a.m. | 3 hours, 13 minutes ago
Description : in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8825 - Linksys Router OS Command Injection Vulnerability
CVE ID : CVE-2025-8825
Published : Aug. 11, 2025, 3:15 a.m. | 4 hours, 13 minutes ago
Description : A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function RP_setBasicAuto of the file /goform/RP_setBasicAuto. The manipulation of the argument staticIp/staticNetmask leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8826
Published : Aug. 11, 2025, 3:15 a.m. | 4 hours, 13 minutes ago
Description : A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function um_rp_autochannel of the file /goform/RP_setBasicAuto. The manipulation of the argument apcli_AuthMode_2G/apcli_AuthMode_5G leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8823 - Linksys Wireless Router Os Command Injection Vulnerability
CVE ID : CVE-2025-8823
Published : Aug. 11, 2025, 2:15 a.m. | 5 hours, 13 minutes ago
Description : A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function setDeviceName of the file /goform/setDeviceName. The manipulation of the argument DeviceName leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8824
Published : Aug. 11, 2025, 2:15 a.m. | 5 hours, 13 minutes ago
Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function setRIP of the file /goform/setRIP. The manipulation of the argument RIPmode/RIPpasswd leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8821 - Linksys WiFi Router OS Command Injection Vulnerability
CVE ID : CVE-2025-8821
Published : Aug. 11, 2025, 1:15 a.m. | 6 hours, 13 minutes ago
Description : A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This issue affects the function RP_setBasic of the file /goform/RP_setBasic. The manipulation of the argument bssid leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8822 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-8822
Published : Aug. 11, 2025, 1:15 a.m. | 6 hours, 13 minutes ago
Description : A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function algDisable of the file /goform/setOpMode. The manipulation of the argument opMode leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8820
Published : Aug. 11, 2025, 12:15 a.m. | 7 hours, 13 minutes ago
Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function wirelessBasic of the file /goform/wirelessBasic. The manipulation of the argument submit_SSID1 leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8818 - Linksys Wi-Fi Router OS Command Injection Vulnerability
CVE ID : CVE-2025-8818
Published : Aug. 10, 2025, 11:15 p.m. | 6 hours, 32 minutes ago
Description : A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function setDFSSetting of the file /goform/setLan. The manipulation of the argument lanNetmask/lanIp leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8819
Published : Aug. 10, 2025, 11:15 p.m. | 6 hours, 31 minutes ago
Description : A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This affects the function setWan of the file /goform/setWan. The manipulation of the argument staticIp leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8817 - Linksys RE Series Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-8817
Published : Aug. 10, 2025, 10:15 p.m. | 7 hours, 13 minutes ago
Description : A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function setLan of the file /goform/setLan. The manipulation of the argument lan2enabled leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8815
Published : Aug. 10, 2025, 4:15 p.m. | 13 hours, 13 minutes ago
Description : A vulnerability was found in 猫宁i Morning up to bc782730c74ff080494f145cc363a0b4f43f7d3e. It has been classified as critical. Affected is an unknown function of the file /index of the component Shiro Configuration. The manipulation leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8816
Published : Aug. 10, 2025, 4:15 p.m. | 13 hours, 13 minutes ago
Description : A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected is the function setOpMode of the file /goform/setOpMode. The manipulation of the argument ethConv leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8813 - Atjiu Pybbs Open Redirect Vulnerability
CVE ID : CVE-2025-8813
Published : Aug. 10, 2025, 3:15 p.m. | 11 hours, 18 minutes ago
Description : A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as problematic. This vulnerability affects the function changeLanguage of the file src/main/java/co/yiiu/pybbs/controller/front/IndexController.java. The manipulation of the argument referer leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as edb14ff13e9e05394960ba46c3d31d844ff2deac. It is recommended to apply a patch to fix this issue.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8814
Published : Aug. 10, 2025, 3:15 p.m. | 11 hours, 18 minutes ago
Description : A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function setCookie of the file src/main/java/co/yiiu/pybbs/util/CookieUtil.java. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is named 8aa2bb1aef3346e49aec6358edf5e47ce905ae7b. It is recommended to apply a patch to fix this issue.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8810
Published : Aug. 10, 2025, 2:15 p.m. | 12 hours, 18 minutes ago
Description : A vulnerability classified as critical was found in Tenda AC20 16.03.08.05. Affected by this vulnerability is the function strcpy of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8811
Published : Aug. 10, 2025, 2:15 p.m. | 12 hours, 18 minutes ago
Description : A vulnerability, which was classified as critical, has been found in code-projects Simple Art Gallery 1.0. Affected by this issue is some unknown functionality of the file /Admin/registration.php. The manipulation of the argument fname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8812
Published : Aug. 10, 2025, 2:15 p.m. | 12 hours, 18 minutes ago
Description : A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects an unknown part of the file /api/settings of the component Admin Panel. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22. It is recommended to apply a patch to fix this issue.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8809 - Code-projects Online Medicine Guide SQL Injection Vulnerability
CVE ID : CVE-2025-8809
Published : Aug. 10, 2025, 1:15 p.m. | 13 hours, 18 minutes ago
Description : A vulnerability classified as critical has been found in code-projects Online Medicine Guide 1.0. Affected is an unknown function of the file /addelidetails.php. The manipulation of the argument del leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8807
Published : Aug. 10, 2025, 12:15 p.m. | 14 hours, 18 minutes ago
Description : A vulnerability was found in xujeff tianti 天梯 up to 2.3. It has been declared as critical. This vulnerability affects unknown code of the file /tianti-module-admin/user/ajax/save. The manipulation leads to missing authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8808
Published : Aug. 10, 2025, 12:15 p.m. | 14 hours, 18 minutes ago
Description : A vulnerability was found in xujeff tianti 天梯 up to 2.3. It has been rated as problematic. This issue affects the function exportOrder of the file /tianti-module-admin/user/ajax/save of the component com.jeff.tianti.controller. The manipulation leads to csv injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8805 - Open5GS SMF Denial of Service Vulnerability
CVE ID : CVE-2025-8805
Published : Aug. 10, 2025, 11:15 a.m. | 15 hours, 18 minutes ago
Description : A vulnerability was found in Open5GS up to 2.7.5 and classified as problematic. Affected by this issue is the function smf_gsm_state_wait_pfcp_deletion of the file src/smf/gsm-sm.c of the component SMF. The manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The patch is identified as c58b8f081986aaf2a312d73a0a17985518b47fe6. It is recommended to upgrade the affected component.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8806
Published : Aug. 10, 2025, 11:15 a.m. | 15 hours, 18 minutes ago
Description : A vulnerability was found in zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. It has been classified as critical. This affects an unknown part of the file /adpweb/a/sys/office/treeData. The manipulation of the argument extId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8803 - Open5GS Denial of Service Vulnerability
CVE ID : CVE-2025-8803
Published : Aug. 10, 2025, 10:15 a.m. | 16 hours, 18 minutes ago
Description : A vulnerability, which was classified as problematic, was found in Open5GS up to 2.7.5. Affected is the function gmm_state_de_registered/gmm_state_exception of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. It is possible to launch the attack remotely. Upgrading to version 2.7.6 is able to address this issue. The name of the patch is 1f30edac27f69f61cff50162e980fe58fdeb30ca. It is recommended to upgrade the affected component.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8804
Published : Aug. 10, 2025, 10:15 a.m. | 16 hours, 18 minutes ago
Description : A vulnerability has been found in Open5GS up to 2.7.5 and classified as problematic. Affected by this vulnerability is the function ngap_build_downlink_nas_transport of the component AMF. The manipulation leads to reachable assertion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The identifier of the patch is bca0a7b6e01d254f4223b83831162566d4626428. It is recommended to upgrade the affected component.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8801 - Open5GS Denial of Service Vulnerability
CVE ID : CVE-2025-8801
Published : Aug. 10, 2025, 9:15 a.m. | 17 hours, 18 minutes ago
Description : A vulnerability classified as problematic has been found in Open5GS up to 2.7.5. This affects the function gmm_state_exception of the file src/amf/gmm-sm.c of the component AMF. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The identifier of the patch is f47f2bd4f7274295c5fbb19e2f806753d183d09a. It is recommended to upgrade the affected component.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8802 - Open5GS SMF Denial of Service Vulnerability
CVE ID : CVE-2025-8802
Published : Aug. 10, 2025, 9:15 a.m. | 17 hours, 18 minutes ago
Description : A vulnerability classified as problematic was found in Open5GS up to 2.7.5. This vulnerability affects the function smf_state_operational of the file src/smf/smf-sm.c of the component SMF. The manipulation of the argument stream leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version v2.7.6 is able to address this issue. The patch is identified as f168f7586a4fa536cee95ae60ac437d997f15b97. It is recommended to upgrade the affected component.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8800 - Open5GS AMF Component Denial of Service Vulnerability
CVE ID : CVE-2025-8800
Published : Aug. 10, 2025, 8:15 a.m. | 18 hours, 18 minutes ago
Description : A vulnerability was found in Open5GS up to 2.7.5. It has been rated as problematic. Affected by this issue is the function esm_handle_pdn_connectivity_request of the file src/mme/esm-handler.c of the component AMF Component. The manipulation leads to denial of service. The attack may be launched remotely. Upgrading to version 2.7.6 is able to address this issue. The name of the patch is 701505102f514cbde2856cd2ebc9bedb7efc820d. It is recommended to upgrade the affected component.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8799 - Open5GS AMF Denial of Service Vulnerability
CVE ID : CVE-2025-8799
Published : Aug. 10, 2025, 8:15 a.m. | 17 hours, 31 minutes ago
Description : A vulnerability was found in Open5GS up to 2.7.5. It has been declared as problematic. Affected by this vulnerability is the function amf_npcf_am_policy_control_build_create/amf_nsmf_pdusession_build_create_sm_context of the file src/amf/npcf-build.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.7.6 is able to address this issue. The patch is named cf63dd63197bf61a4b041aa364ba6a6199ab15e4. It is recommended to upgrade the affected component.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8798
Published : Aug. 10, 2025, 7:15 a.m. | 18 hours, 31 minutes ago
Description : A vulnerability was found in oitcode samarium up to 0.9.6. It has been classified as critical. Affected is an unknown function of the file /dashboard/product of the component Create Product Page. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8797
Published : Aug. 10, 2025, 7:15 a.m. | 16 hours, 45 minutes ago
Description : A vulnerability was found in LitmusChaos Litmus up to 3.19.0 and classified as critical. This issue affects some unknown processing of the component LocalStorage Handler. The manipulation leads to permission issues. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8795
Published : Aug. 10, 2025, 6:15 a.m. | 17 hours, 45 minutes ago
Description : A vulnerability, which was classified as critical, was found in LitmusChaos Litmus up to 3.19.0. This affects an unknown part of the file /auth/login. The manipulation of the argument projectID leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8796
Published : Aug. 10, 2025, 6:15 a.m. | 17 hours, 44 minutes ago
Description : A vulnerability has been found in LitmusChaos Litmus up to 3.19.0 and classified as problematic. This vulnerability affects unknown code of the file /auth/delete_project/ of the component Delete Request Handler. The manipulation of the argument projectID leads to missing authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8794
Published : Aug. 10, 2025, 5:15 a.m. | 18 hours, 5 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in LitmusChaos Litmus up to 3.19.0. Affected by this issue is some unknown functionality of the component LocalStorage Handler. The manipulation of the argument projectID leads to authorization bypass. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8793 - "LitmusChaos Litmus Remote Resource Identifier Improper Control Vulnerability"
CVE ID : CVE-2025-8793
Published : Aug. 10, 2025, 4:15 a.m. | 19 hours, 4 minutes ago
Description : A vulnerability classified as problematic was found in LitmusChaos Litmus up to 3.19.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument projectID leads to improper control of resource identifiers. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8792
Published : 10. elokuuta 2025 kello 4.15 | 17 tuntia, 44 minuuttia ago
Description : A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0. Affected is an unknown function. The manipulation leads to client-side enforcement of server-side security. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52136
Published : Aug. 10, 2025, 4:15 a.m. | 11 hours, 25 minutes ago
Description : In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the intended behavior; however, 5.8.6 adds a defense-in-depth feature in which a plugin's acceptability (for later Dashboard installation) is set by the "emqx ctl plugins allow" CLI command.
Severity: 3.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8791
Published : Aug. 10, 2025, 4:15 a.m. | 11 hours, 25 minutes ago
Description : A vulnerability was found in LitmusChaos Litmus up to 3.19.0. It has been rated as critical. This issue affects some unknown processing of the file /auth/list_projects. The manipulation of the argument role leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8789 - Portabilis i-Educar API Endpoint Remote Authorization Bypass Vulnerability
CVE ID : CVE-2025-8789
Published : Aug. 10, 2025, 3:15 a.m. | 11 hours, 17 minutes ago
Description : A vulnerability was found in Portabilis i-Educar up to 2.9.0. It has been classified as problematic. This affects an unknown part of the file /module/Api/Diario of the component API Endpoint. The manipulation leads to authorization bypass. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8790 - Portabilis i-Educar Remote API Endpoint Authorization Bypass Vulnerability
CVE ID : CVE-2025-8790
Published : Aug. 10, 2025, 3:15 a.m. | 11 hours, 17 minutes ago
Description : A vulnerability was found in Portabilis i-Educar up to 2.9.0. It has been declared as critical. This vulnerability affects unknown code of the file /module/Api/pessoa of the component API Endpoint. The manipulation of the argument ID leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8788
Published : Aug. 10, 2025, 3:15 a.m. | 10 hours, 38 minutes ago
Description : A vulnerability was found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /planos-de-aula-por-areas-de-conhecimento/ of the component Informações adicionais. The manipulation of the argument Parecer/Conteúdos/Objetivos leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8787
Published : Aug. 10, 2025, 2:15 a.m. | 11 hours, 38 minutes ago
Description : A vulnerability has been found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /registros-de-conteudos-por-disciplina/ of the component Registro das atividades. The manipulation of the argument Registro de atividades/Conteúdos leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8786 - Portabilis i-Diario Cross Site Scripting Vulnerability
CVE ID : CVE-2025-8786
Published : Aug. 10, 2025, 1:15 a.m. | 12 hours, 38 minutes ago
Description : A vulnerability, which was classified as problematic, was found in Portabilis i-Diario up to 1.5.0. Affected is an unknown function of the file /registros-de-conteudos-por-areas-de-conhecimento/ of the component Registro das atividades. The manipulation of the argument Registro de atividades/Conteúdos leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8785
Published : Aug. 10, 2025, 12:15 a.m. | 13 hours, 4 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to 2.9. This issue affects some unknown processing of the file /intranet/educar_usuario_lst.php. The manipulation of the argument nm_pessoa/matricula/matricula_interna leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8784 - Portabilis i-Educar Cross Site Scripting Vulnerability
CVE ID : CVE-2025-8784
Published : Aug. 9, 2025, 11:15 p.m. | 12 hours, 25 minutes ago
Description : A vulnerability classified as problematic was found in Portabilis i-Educar up to 2.9. This vulnerability affects unknown code of the file /intranet/funcionario_vinculo_cad.php of the component Cadastrar Vínculo Page. The manipulation of the argument nome leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8775
Published : Aug. 9, 2025, 9:15 p.m. | 14 hours, 25 minutes ago
Description : A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as critical. Affected by this issue is the function execute of the file /api/code/upload of the component Scheduled Task Handler. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8774
Published : Aug. 9, 2025, 9:15 p.m. | 13 hours, 16 minutes ago
Description : A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8773
Published : Aug. 9, 2025, 8:15 p.m. | 14 hours, 16 minutes ago
Description : A vulnerability, which was classified as critical, was found in Dinstar Monitoring Platform 甘肃省危险品库监控平台 1.0. Affected is an unknown function of the file /itc/$%7BappPath%7D/login_getPasswordErrorNum.action. The manipulation of the argument userBean.loginName leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8772
Published : Aug. 9, 2025, 8:15 p.m. | 13 hours, 35 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in Vinades NukeViet up to 4.5.06. This issue affects some unknown processing of the file /admin/index.php?language=en&nv=upload of the component Module Handler. The manipulation leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8765
Published : Aug. 9, 2025, 7:15 p.m. | 14 hours, 35 minutes ago
Description : A vulnerability classified as problematic was found in Datacom DM955 5GT 1200 825.8010.00. Affected by this vulnerability is an unknown functionality of the component Wireless Basic Settings. The manipulation of the argument SSID leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8764
Published : Aug. 9, 2025, 7:15 p.m. | 13 hours, 16 minutes ago
Description : A vulnerability classified as critical has been found in linlinjava litemall up to 1.8.0. Affected is the function Upload of the file /wx/storage/upload. The manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8763
Published : Aug. 9, 2025, 6:15 p.m. | 14 hours, 16 minutes ago
Description : A vulnerability was found in Ruijie EG306MG 3.0(1)B11P309. It has been rated as problematic. This issue affects some unknown processing of the file /etc/strongswan.conf of the component strongSwan. The manipulation of the argument i_dont_care_about_security_and_use_aggressive_mode_psk leads to missing encryption of sensitive data. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8759
Published : Aug. 9, 2025, 5:15 p.m. | 14 hours, 34 minutes ago
Description : A vulnerability was found in TRENDnet TN-200 1.02b02. It has been declared as problematic. This vulnerability affects unknown code of the component Lighttpd. The manipulation of the argument secdownload.secret with the input neV3rUseMe leads to use of hard-coded cryptographic key
. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8758 - TRENDnet TEW-822DRE FTP Server Local Privilege Escalation Vulnerability
CVE ID : CVE-2025-8758
Published : Aug. 9, 2025, 4:15 p.m. | 15 hours, 34 minutes ago
Description : A vulnerability was found in TRENDnet TEW-822DRE FW103B02. It has been classified as problematic. This affects an unknown part of the component vsftpd. The manipulation leads to least privilege violation. Attacking locally is a requirement. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8756
Published : Aug. 9, 2025, 3:15 p.m. | 16 hours, 4 minutes ago
Description : A vulnerability has been found in TDuckCloud tduck-platform up to 5.1 and classified as critical. Affected by this vulnerability is the function preHandle of the file /manage/ of the component com.tduck.cloud.api.web.interceptor.AuthorizationInterceptor. The manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8757 - TRENDnet Embedded Boa Web Server Least Privilege Violation
CVE ID : CVE-2025-8757
Published : Aug. 9, 2025, 3:15 p.m. | 16 hours, 4 minutes ago
Description : A vulnerability was found in TRENDnet TV-IP110WN 1.2.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /server/boa.conf of the component Embedded Boa Web Server. The manipulation leads to least privilege violation. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2022-50233 - Linux Kernel Bluetooth eir strlen Vulnerability
CVE ID : CVE-2022-50233
Published : Aug. 9, 2025, 3:15 p.m. | 14 hours, 4 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name}
Both dev_name and short_name are not guaranteed to be NULL terminated so
this instead use strnlen and then attempt to determine if the resulting
string needs to be truncated or not.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-58238
Published : Aug. 9, 2025, 3:15 p.m. | 14 hours, 4 minutes ago
Description : In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test
This fixes the tx timeout issue seen while running a stress test on
btnxpuart for couple of hours, such that the interval between two HCI
commands coincide with the power save timeout value of 2 seconds.
Test procedure using bash script:
hciconfig hci0 up
//Enable Power Save feature
hcitool -i hci0 cmd 3f 23 02 00 00
while (true)
do
hciconfig hci0 leadv
sleep 2
hciconfig hci0 noleadv
sleep 2
done
Error log, after adding few more debug prints:
Bluetooth: btnxpuart_queue_skb(): 01 0A 20 01 00
Bluetooth: hci0: Set UART break: on, status=0
Bluetooth: hci0: btnxpuart_tx_wakeup() tx_work scheduled
Bluetooth: hci0: btnxpuart_tx_work() dequeue: 01 0A 20 01 00
Can't set advertise mode on hci0: Connection timed out (110)
Bluetooth: hci0: command 0x200a tx timeout
When the power save mechanism turns on UART break, and btnxpuart_tx_work()
is scheduled simultaneously, psdata->ps_state is read as PS_STATE_AWAKE,
which prevents the psdata->work from being scheduled, which is responsible
to turn OFF UART break.
This issue is fixed by adding a ps_lock mutex around UART break on/off as
well as around ps_state read/write.
btnxpuart_tx_wakeup() will now read updated ps_state value. If ps_state is
PS_STATE_SLEEP, it will first schedule psdata->work, and then it will
reschedule itself once UART break has been turned off and ps_state is
PS_STATE_AWAKE.
Tested above script for 50,000 iterations and TX timeout error was not
observed anymore.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8755
Published : Aug. 9, 2025, 2:15 p.m. | 15 hours, 4 minutes ago
Description : A vulnerability was found in macrozheng mall up to 1.0.3 and classified as problematic. This issue affects the function detail of the file UmsMemberController.java of the component com.macro.mall.portal.controller. The manipulation of the argument orderId leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7726
Published : Aug. 9, 2025, 2:15 p.m. | 13 hours, 25 minutes ago
Description : The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via its lightbox rendering code in all versions up to, and including, 12.6.0 due to insufficient input sanitization and output escaping. The theme’s JavaScript reads user-supplied 'title' and 'data-dt-img-description' attributes directly via jQuery.attr(), concatenates them into an HTML string, and inserts that string into the DOM using methods such as jQuery.html() without escaping or filtering. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8753
Published : Aug. 9, 2025, 2:15 p.m. | 13 hours, 25 minutes ago
Description : A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1.8.0. Affected by this issue is the function delete of the file /admin/storage/delete of the component File Handler. The manipulation of the argument key leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7020 - BYD DiLink 3.0 OS IVI Unit Log Dump Encryption Bypass
CVE ID : CVE-2025-7020
Published : Aug. 9, 2025, 1:15 p.m. | 14 hours, 25 minutes ago
Description : An incorrect encryption implementation vulnerability exists in the system log dump feature of BYD's DiLink 3.0 OS (e.g. in the model ATTO3). An attacker with physical access to the vehicle can bypass the encryption of log dumps on the In-Vehicle Infotainment (IVI) unit's storage. This allows the attacker to access and read system logs containing sensitive data, including personally identifiable information (PII) and location data.
This vulnerability was introduced in a patch intended to fix CVE-2024-54728.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8752
Published : Aug. 9, 2025, 12:15 p.m. | 15 hours, 25 minutes ago
Description : A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8751 - Protected Total WebShield Extension Chrome Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-8751
Published : Aug. 9, 2025, 8:15 a.m. | 17 hours, 25 minutes ago
Description : A vulnerability was found in Protected Total WebShield Extension up to 3.2.0 on Chrome. It has been classified as problematic. This affects an unknown part of the component Block Page. The manipulation of the argument Category leads to cross site scripting. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8750
Published : Aug. 9, 2025, 7:15 a.m. | 18 hours, 25 minutes ago
Description : A vulnerability has been found in macrozheng mall up to 1.0.3 and classified as problematic. Affected by this vulnerability is the function Upload of the file /minio/upload of the component Add Product Page. The manipulation of the argument File leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8746
Published : Aug. 9, 2025, 6:15 a.m. | 19 hours, 25 minutes ago
Description : A vulnerability, which was classified as problematic, was found in GNU libopts up to 27.6. Affected is the function __strstr_sse2. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. This issue was initially reported to the tcpreplay project, but the code maintainer explains, that this "bug appears to be in libopts which is an external library." This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8771
Published : Aug. 9, 2025, 5:15 a.m. | 20 hours, 25 minutes ago
Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: This affects a legitimate feature. The cause of the issue is an insecure database configuration established by the user.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4655
Published : Aug. 9, 2025, 5:15 a.m. | 18 hours, 26 minutes ago
Description : SSRF vulnerability in FreeMarker templates in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 allows template editors to bypass access validations via crafted URLs.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8745
Published : Aug. 9, 2025, 5:15 a.m. | 18 hours, 26 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in Weee RICEPO App 6.17.77 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.ricepo.app. The manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4581
Published : Aug. 9, 2025, 5:15 a.m. | 17 hours, 15 minutes ago
Description : Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.4 ,2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 allows a pre-authentication blind SSRF vulnerability in the portal-settings-authentication-opensso-web due to improper validation of user-supplied URLs. An attacker can exploit this issue to force the server to make arbitrary HTTP requests to internal systems, potentially leading to internal network enumeration or further exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55008
Published : Aug. 9, 2025, 3:15 a.m. | 17 hours, 14 minutes ago
Description : The AuthKit library for React Router 7+ provides helpers for authentication and session management using WorkOS & AuthKit with React Router. In versions 0.6.1 and below, @workos-inc/authkit-react-router exposed sensitive authentication artifacts — specifically sealedSession and accessToken by returning them from the authkitLoader. This caused them to be rendered into the browser HTML. This issue is fixed in version 0.7.0.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55009
Published : Aug. 9, 2025, 3:15 a.m. | 17 hours, 14 minutes ago
Description : The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In versions 0.14.1 and below, @workos-inc/authkit-remix exposed sensitive authentication artifacts — specifically sealedSession and accessToken — by returning them from the authkitLoader. This caused them to be rendered into the browser HTML.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55013 - Assemblyline 4 Service Client Path Traversal Vulnerability
CVE ID : CVE-2025-55013
Published : Aug. 9, 2025, 3:15 a.m. | 17 hours, 14 minutes ago
Description : The Assemblyline 4 Service Client interfaces with the API to fetch tasks and publish the result for a service in Assemblyline 4. In versions below 4.6.1.dev138, the Assemblyline 4 Service Client (task_handler.py) accepts a SHA-256 value returned by the service server and uses it directly as a local file name.A malicious or compromised server (or any MITM that can speak to client) can return a path-traversal payload such as `../../../etc/cron.d/evil` and force the client to write the downloaded bytes to an arbitrary location on disk. This is fixed in version 4.6.1.dev138.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55149 - Tiny-Scientist PDF Path Traversal Vulnerability
CVE ID : CVE-2025-55149
Published : Aug. 9, 2025, 3:15 a.m. | 17 hours, 14 minutes ago
Description : Tiny-Scientist is a lightweight framework for automating the entire lifecycle of scientific research—from ideation to implementation, writing, and review. In versions 0.1.1 and below, a critical path traversal vulnerability has been identified in the review_paper function in backend/app.py. The vulnerability allows malicious users to access arbitrary PDF files on the server by providing crafted file paths that bypass the intended security restrictions. This vulnerability allows attackers to: read any PDF file accessible to the server process, potentially access sensitive documents outside the intended directory and perform reconnaissance on the server's file system structure. This issue does not currently have a fix.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55001
Published : Aug. 9, 2025, 3:15 a.m. | 15 hours, 14 minutes ago
Description : OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao allowed the assignment of policies and MFA attribution based upon entity aliases, chosen by the underlying auth method. When the username_as_alias=true parameter in the LDAP auth method was in use, the caller-supplied username was used verbatim without normalization, allowing an attacker to bypass alias-specific MFA requirements. This issue was fixed in version 2.3.2. To work around this, remove all usage of the username_as_alias=true parameter and update any entity aliases accordingly.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55003
Published : Aug. 9, 2025, 3:15 a.m. | 15 hours, 14 minutes ago
Description : OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, OpenBao's Login Multi-Factor Authentication (MFA) system allows enforcing MFA using Time-based One Time Password (TOTP). Due to normalization applied by the underlying TOTP library, codes were accepted which could contain whitespace; this whitespace could bypass internal rate limiting of the MFA method and allow reuse of existing MFA codes. This issue was fixed in version 2.3.2. To work around this, use of rate-limiting quotas can limit an attacker's ability to exploit this: https://openbao.org/api-docs/system/rate-limit-quotas/.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55006
Published : Aug. 9, 2025, 3:15 a.m. | 15 hours, 14 minutes ago
Description : Frappe Learning is a learning system that helps users structure their content. In versions 2.33.0 and below, the image upload functionality did not adequately sanitize uploaded SVG files. This allowed users to upload SVG files containing embedded JavaScript or other potentially malicious content. Malicious SVG files could be used to execute arbitrary scripts in the context of other users. A fix for this issue is planned for version 2.34.0.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54999 - OpenBao User Enumeration Vulnerability
CVE ID : CVE-2025-54999
Published : Aug. 9, 2025, 3:15 a.m. | 13 hours, 14 minutes ago
Description : OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, when using OpenBao's userpass auth method, user enumeration was possible due to timing difference between non-existent users and users with stored credentials. This is independent of whether the supplied credentials were valid for the given user. This issue was fixed in version 2.3.2. To work around this issue, users may use another auth method or apply rate limiting quotas to limit the number of requests in a period of time: https://openbao.org/api-docs/system/rate-limit-quotas/.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55000
Published : Aug. 9, 2025, 3:15 a.m. | 13 hours, 14 minutes ago
Description : OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, OpenBao's TOTP secrets engine could accept valid codes multiple times rather than strictly-once. This was caused by unexpected normalization in the underlying TOTP library. To work around, ensure that all codes are first normalized before submitting to the OpenBao endpoint. TOTP code verification is a privileged action; only trusted systems should be verifying codes.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54997
Published : Aug. 9, 2025, 3:15 a.m. | 11 hours, 14 minutes ago
Description : OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, some OpenBao deployments intentionally limit privileged API operators from executing system code or making network connections. However, these operators can bypass both restrictions through the audit subsystem by manipulating log prefixes. This allows unauthorized code execution and network access that violates the intended security model. This issue is fixed in version 2.3.2. To workaround, users can block access to sys/audit/* endpoints using explicit deny policies, but root operators cannot be restricted this way.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54998
Published : Aug. 9, 2025, 3:15 a.m. | 11 hours, 14 minutes ago
Description : OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 0.1.0 through 2.3.1, attackers could bypass the automatic user lockout mechanisms in the OpenBao Userpass or LDAP auth systems. This was caused by different aliasing between pre-flight and full login request user entity alias attributions. This is fixed in version 2.3.2. To work around this issue, existing users may apply rate-limiting quotas on the authentication endpoints:, see https://openbao.org/api-docs/system/rate-limit-quotas/.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54417
Published : Aug. 9, 2025, 2:15 a.m. | 12 hours, 14 minutes ago
Description : Craft is a platform for creating digital experiences. Versions 4.13.8 through 4.16.2 and 5.5.8 through 5.8.3 contain a vulnerability that can bypass CVE-2025-23209: "Craft CMS has a potential RCE with a compromised security key". To exploit this vulnerability, the project must meet these requirements: have a compromised security key and create an arbitrary file in Craft's /storage/backups folder. With those criteria in place, attackers could create a specific, malicious request to the /updater/restore-db endpoint and execute CLI commands remotely. This issue is fixed in versions 4.16.3 and 5.8.4.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54888 - Fedify ActivityPub Actor Impersonation Bypass
CVE ID : CVE-2025-54888
Published : Aug. 9, 2025, 2:15 a.m. | 12 hours, 14 minutes ago
Description : Fedify is a TypeScript library for building federated server apps powered by ActivityPub. In versions below 1.3.20, 1.4.0-dev.585 through 1.4.12, 1.5.0-dev.636 through 1.5.4, 1.6.0-dev.754 through 1.6.7, 1.7.0-pr.251.885 through 1.7.8 and 1.8.0-dev.909 through 1.8.4, an authentication bypass vulnerability allows any unauthenticated attacker to impersonate any ActivityPub actor by sending forged activities signed with their own keys. Activities are processed before verifying the signing key belongs to the claimed actor, enabling complete actor impersonation across all Fedify instances. This is fixed in versions 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9 and 1.8.5.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54996
Published : Aug. 9, 2025, 2:15 a.m. | 12 hours, 14 minutes ago
Description : OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to the root policy. While the identity system allowed adding arbitrary policies, which in turn could contain capability grants on arbitrary paths, the root policy was restricted to manual generation using unseal or recovery key shares. The global root policy was not accessible from child namespaces. This issue is fixed in version 2.3.2. To workaround this vulnerability, use of denied_parameters in any policy which has access to the affected identity endpoints (on identity entities) may be sufficient to prohibit this type of attack.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55152 - Oak Denial of Service (DoS) Vulnerability
CVE ID : CVE-2025-55152
Published : Aug. 9, 2025, 2:15 a.m. | 12 hours, 14 minutes ago
Description : oak is a middleware framework for Deno's native HTTP server, Deno Deploy, Node.js 16.5 and later, Cloudflare Workers and Bun. In versions 17.1.5 and below, it's possible to significantly slow down an oak server with specially crafted values of the x-forwarded-proto or x-forwarded-for headers.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8744 - CesiumLab Web SQL Injection Vulnerability
CVE ID : CVE-2025-8744
Published : Aug. 9, 2025, 12:15 a.m. | 14 hours, 14 minutes ago
Description : A vulnerability classified as critical was found in CesiumLab Web up to 4.0. This vulnerability affects unknown code of the file /lodmodels/. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6573 - Qualcomm Snapdragon Secure Kernel Information Leak
CVE ID : CVE-2025-6573
Published : Aug. 9, 2025, 12:15 a.m. | 13 hours, 4 minutes ago
Description : Kernel software installed and running inside an untrusted/rich execution environment (REE) could leak information from the trusted execution environment (TEE).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46709 - Apache HTTP Server Kernel Heap Information Disclosure
CVE ID : CVE-2025-46709
Published : Aug. 9, 2025, 12:15 a.m. | 12 hours, 14 minutes ago
Description : Possible memory leak or kernel exceptions caused by reading kernel heap data after free or NULL pointer dereference kernel exception.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8743
Published : Aug. 8, 2025, 11:15 p.m. | 9 hours, 13 minutes ago
Description : A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. This affects an unknown part of the file /data_source_edit.shtm of the component Virtual Data Source Property Handler. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8741 - Macrozheng Mall Remote Cleartext Transmission of Sensitive Information Vulnerability
CVE ID : CVE-2025-8741
Published : Aug. 8, 2025, 10:16 p.m. | 8 hours, 13 minutes ago
Description : A vulnerability was found in macrozheng mall up to 1.0.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/login. The manipulation leads to cleartext transmission of sensitive information. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8742
Published : Aug. 8, 2025, 10:16 p.m. | 8 hours, 13 minutes ago
Description : A vulnerability was found in macrozheng mall 1.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Admin Login. The manipulation leads to improper restriction of excessive authentication attempts. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55188 - 7-Zip Symbolic Link Extraction Vulnerability
CVE ID : CVE-2025-55188
Published : Aug. 8, 2025, 9:15 p.m. | 8 hours, 12 minutes ago
Description : 7-Zip before 25.01 does not always properly handle symbolic links during extraction.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8739
Published : Aug. 8, 2025, 9:15 p.m. | 8 hours, 12 minutes ago
Description : A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /admin/tags/save. The manipulation of the argument tagName leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8740
Published : Aug. 8, 2025, 9:15 p.m. | 8 hours, 12 minutes ago
Description : A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0. It has been classified as problematic. Affected is an unknown function of the file /admin/categories/save of the component Category Handler. The manipulation of the argument categoryName leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8738 - "zlt2000 Microservices-Platform Spring Actuator Interface Information Disclosure Vulnerability"
CVE ID : CVE-2025-8738
Published : Aug. 8, 2025, 8:15 p.m. | 9 hours, 12 minutes ago
Description : A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8737 - Open Redirect Vulnerability in zlt2000 Microservices-Platform
CVE ID : CVE-2025-8737
Published : Aug. 8, 2025, 8:15 p.m. | 7 hours, 11 minutes ago
Description : A vulnerability, which was classified as problematic, was found in zlt2000 microservices-platform up to 6.0.0. This affects the function onLogoutSuccess of the file src/main/java/com/central/oauth/handler/OauthLogoutSuccessHandler.java. The manipulation of the argument redirect_url leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10047
Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago
Description : Cyclope Employee Surveillance Solution versions 6.x is vulnerable to a SQL injection flaw in its login mechanism. The username parameter in the auth-login POST request is not properly sanitized, allowing attackers to inject arbitrary SQL statements. This can be leveraged to write and execute a malicious PHP file on disk, resulting in remote code execution under the SYSTEM user context.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10048
Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago
Description : Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint. The daemon parameter is passed directly to a Popen() call in ZenossInfo.py without proper sanitation, allowing authenticated users to execute arbitrary commands on the server as the zenoss user.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10049
Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago
Description : WebPageTest version 2.6 and earlier contains an arbitrary file upload vulnerability in the resultimage.php script. The application fails to validate or sanitize user-supplied input before saving uploaded files to a publicly accessible directory. This flaw allows remote attackers to upload and execute arbitrary PHP code, resulting in full remote code execution under the web server context.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10050
Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago
Description : CuteFlow version 2.11.2 and earlier contains an arbitrary file upload vulnerability in the restart_circulation_values_write.php script. The application fails to validate or restrict uploaded file types, allowing unauthenticated attackers to upload arbitrary PHP files to the upload/___1/ directory. These files are then accessible via the web server, enabling remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10051
Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago
Description : Photodex ProShow Producer version 5.0.3256 contains a stack-based buffer overflow vulnerability in the handling of plugin load list files. When a specially crafted load file is placed in the installation directory, the application fails to properly validate its contents, leading to a buffer overflow when the file is parsed during startup. Exploitation requires local access to place the file and user interaction to launch the application.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10052
Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago
Description : EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files directly into the web-accessible egallery/ directory. This results in full remote code execution under the web server context.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10053 - Apache Simple Web Server HTTP Header Buffer Overflow
CVE ID : CVE-2012-10053
Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago
Description : Simple Web Server 2.2 rc2 contains a stack-based buffer overflow vulnerability in its handling of the Connection HTTP header. When a remote attacker sends an overly long string in this header, the server uses vsprintf() without proper bounds checking, leading to a buffer overflow on the stack. This flaw allows remote attackers to execute arbitrary code with the privileges of the web server process. The vulnerability is triggered before authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4796
Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago
Description : The Eventin plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 4.0.34. This is due to the plugin not properly validating a user's identity or capability prior to updating their details like email in the 'Eventin\Speaker\Api\SpeakerController::update_item' function. This makes it possible for unauthenticated attackers with contributor-level and above permissions to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8735 - GNU cflow Null Pointer Dereference Vulnerability
CVE ID : CVE-2025-8735
Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago
Description : A vulnerability classified as problematic was found in GNU cflow up to 1.8. Affected by this vulnerability is the function yylex of the file c.c of the component Lexer. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8736 - GNU cflow Lexer Buffer Overflow Vulnerability
CVE ID : CVE-2025-8736
Published : Aug. 8, 2025, 7:15 p.m. | 8 hours, 11 minutes ago
Description : A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10043 - ActFax Server Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2012-10043
Published : Aug. 8, 2025, 7:15 p.m. | 6 hours, 5 minutes ago
Description : A stack-based buffer overflow vulnerability exists in ActFax Server version 4.32, specifically in the "Import Users from File" functionality of the client interface. The application fails to properly validate the length of tab-delimited fields in .exp files, leading to unsafe usage of strcpy() during CSV parsing. An attacker can exploit this vulnerability by crafting a malicious .exp file and importing it using the default character set "ECMA-94 / Latin 1 (ISO 8859)". Successful exploitation may result in arbitrary code execution, leading to full system compromise. User interaction is required to trigger the vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10044
Published : Aug. 8, 2025, 7:15 p.m. | 6 hours, 5 minutes ago
Description : MobileCartly version 1.0 contains an arbitrary file creation vulnerability in the savepage.php script. The application fails to perform authentication or authorization checks before invoking file_put_contents() on attacker-controlled input. An unauthenticated attacker can exploit this flaw by sending crafted HTTP GET requests to savepage.php, specifying both the filename and content. This allows arbitrary file creation within the pages/ directory or any writable path on the server, allowing remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10045
Published : Aug. 8, 2025, 7:15 p.m. | 6 hours, 5 minutes ago
Description : XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on the server. The flaw resides in the upload functionality, which fails to properly validate or restrict uploaded file types. By crafting a multipart/form-data POST request, an attacker can upload a .php file directly into the web-accessible files/ directory and trigger its execution via a subsequent GET request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10046
Published : Aug. 8, 2025, 7:15 p.m. | 6 hours, 5 minutes ago
Description : The E-Mail Security Virtual Appliance (ESVA) (tested on version ESVA_2057) contains an unauthenticated command injection vulnerability in the learn-msg.cgi script. The CGI handler fails to sanitize user-supplied input passed via the id parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no authentication and results in full command execution on the underlying system.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2010-10013
Published : Aug. 8, 2025, 7:15 p.m. | 3 hours, 35 minutes ago
Description : An unauthenticated remote command execution vulnerability exists in AjaXplorer (now known as Pydio Cells) versions prior to 2.6. The flaw resides in the checkInstall.php script within the access.ssh plugin, which fails to properly sanitize user-supplied input to the destServer GET parameter. By injecting shell metacharacters, remote attackers can execute arbitrary system commands on the server with the privileges of the web server process.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10036
Published : Aug. 8, 2025, 7:15 p.m. | 3 hours, 35 minutes ago
Description : Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in tools/upload_file.php. The upload handler fails to validate the file type or enforce authentication, allowing remote attackers to upload malicious PHP files directly into a web-accessible directory. The uploaded file is stored with a predictable suffix and can be executed by requesting its URL, resulting in remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10041 - Citrix WAN Emulator Unauthenticated Command Execution and Privilege Escalation Vulnerability
CVE ID : CVE-2012-10041
Published : Aug. 8, 2025, 7:15 p.m. | 3 hours, 35 minutes ago
Description : WAN Emulator v2.3 contains two unauthenticated command execution vulnerabilities. The result.php script calls shell_exec() with unsanitized input from the pc POST parameter, allowing remote attackers to execute arbitrary commands as the www-data user. The system also includes a SUID-root binary named dosu, which is vulnerable to command injection via its first argument. An attacker can exploit both flaws in sequence to achieve full remote code execution and escalate privileges to root.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10042
Published : Aug. 8, 2025, 7:15 p.m. | 3 hours, 35 minutes ago
Description : Sflog! CMS 1.0 contains an authenticated arbitrary file upload vulnerability in the blog management interface. The application ships with default credentials (admin:secret) and allows authenticated users to upload files via manage.php. The upload mechanism fails to validate file types, enabling attackers to upload a PHP backdoor into a web-accessible directory (blogs/download/uploads/). Once uploaded, the file can be executed remotely, resulting in full remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52913
Published : Aug. 8, 2025, 6:15 p.m. | 3 hours, 5 minutes ago
Description : A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP2 (9.8.2.12) could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to view, corrupt, or delete users' data and system configurations.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52914
Published : Aug. 8, 2025, 6:15 p.m. | 3 hours, 5 minutes ago
Description : A vulnerability in the Suite Applications Services component of Mitel MiCollab 10.0 through SP1 FP1 (10.0.1.101) could allow an authenticated attacker to conduct a SQL Injection attack due to insufficient validation of user input. A successful exploit could allow an attacker to execute arbitrary SQL database commands.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5095 - Burk Technology ARC Solo Authentication Bypass
CVE ID : CVE-2025-5095
Published : Aug. 8, 2025, 6:15 p.m. | 3 hours, 5 minutes ago
Description : Burk Technology ARC Solo's password change mechanism can be utilized without proper
authentication procedures, allowing an attacker to take over the device.
A password change request can be sent directly to the device's HTTP
endpoint without providing valid credentials. The system does not
enforce proper authentication or session validation, allowing the
password change to proceed without verifying the request's legitimacy.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8733 - GNU Bison Local Assertion Vulnerability
CVE ID : CVE-2025-8733
Published : Aug. 8, 2025, 6:15 p.m. | 3 hours, 5 minutes ago
Description : A vulnerability was found in GNU Bison up to 3.8.2. It has been rated as problematic. This issue affects the function __obstack_vprintf_internal of the file obprintf.c. The manipulation leads to reachable assertion. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8734 - GNU Bison Double Free Vulnerability
CVE ID : CVE-2025-8734
Published : Aug. 8, 2025, 6:15 p.m. | 3 hours, 5 minutes ago
Description : A vulnerability classified as problematic has been found in GNU Bison up to 3.8.2. Affected is the function code_free of the file src/scan-code.c. The manipulation leads to double free. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50927
Published : Aug. 8, 2025, 6:15 p.m. | 2 hours, 14 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the List All FTP User Function in EHCP v20.04.1.b allows authenticated attackers to execute arbitrary JavaScript via injecting a crafted payload into the ftpusername parameter.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50928 - Easy Hosting Control Panel EHCP SQL Injection
CVE ID : CVE-2025-50928
Published : Aug. 8, 2025, 6:15 p.m. | 2 hours, 14 minutes ago
Description : Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a SQL injection vulnerability via the id parameter in the Change Settings function.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46414
Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago
Description : The affected product does not limit the number of attempts for inputting
the correct PIN for a registered product, which may allow an attacker
to gain unauthorized access using brute-force methods if they possess a
valid device serial number. The API provides clear feedback when the
correct PIN is entered. This vulnerability was patched in a server-side
update on April 6, 2025.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47872 - Cisco Product Serial Number Information Disclosure Vulnerability
CVE ID : CVE-2025-47872
Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago
Description : The public-facing product registration endpoint server responds
differently depending on whether the S/N is valid and unregistered,
valid but already registered, or does not exist in the database.
Combined with the fact that serial numbers are sequentially assigned,
this allows an attacker to gain information on the product registration
status of different S/Ns.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50465
Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago
Description : OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50466
Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago
Description : OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The entityType parameter can be used to build a SQL query.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50467
Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago
Description : OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The supportedDataTypeParam parameter can be used to build a SQL query.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50468
Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago
Description : OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the DocStoreDAO interface. The entityType parameters can be used to build a SQL query.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53520
Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago
Description : The affected product allows firmware updates to be downloaded from EG4's
website, transferred via USB dongles, or installed through EG4's
Monitoring Center (remote, cloud-connected interface) or via a serial
connection, and can install these files without integrity checks. The
TTComp archive format used for the firmware is unencrypted and can be
unpacked and altered without detection.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8284 - Packet Power Monitoring and Control Web Interface Authentication Bypass
CVE ID : CVE-2025-8284
Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago
Description : By default, the Packet Power Monitoring and Control Web Interface do not
enforce authentication mechanisms. This vulnerability could allow
unauthorized users to access and manipulate monitoring and control
functions.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8393
Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago
Description : A TLS vulnerability exists in the phone application used to manage a
connected device. The phone application accepts self-signed certificates
when establishing TLS communication which may result in
man-in-the-middle attacks on untrusted networks. Captured communications
may include user credentials and sensitive session tokens.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8732
Published : Aug. 8, 2025, 5:15 p.m. | 2 hours, 5 minutes ago
Description : A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The code maintainer explains, that "[t]he issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. I also doubt that anyone is still using SGML catalogs at all."
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4576
Published : Aug. 8, 2025, 4:15 p.m. | 3 hours, 5 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.0 through 7.4.3.133, and Liferay DXP 2025.Q1.0 through 2025.Q1.4 ,2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, 7.4 GA through update 92 allows an remote non-authenticated attacker to inject JavaScript into the modules/apps/blogs/blogs-web/src/main/resources/META-INF/resources/blogs/entry_cover_image_caption.jsp
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52586 - "Vulnerability in Schneider Electric Inverter Command Traffic"
CVE ID : CVE-2025-52586
Published : Aug. 8, 2025, 4:15 p.m. | 3 hours, 5 minutes ago
Description : The MOD3 command traffic between the monitoring application and the
inverter is transmitted in plaintext without encryption or obfuscation.
This vulnerability may allow an attacker with access to a local network
to intercept, manipulate, replay, or forge critical data, including
read/write operations for voltage, current, and power configuration,
operational status, alarms, telemetry, system reset, or inverter control
commands, potentially disrupting power generation or reconfiguring
inverter settings.
Severity: 6.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8355 - Xerox FreeFlow Core XML SSRF Vulnerability
CVE ID : CVE-2025-8355
Published : Aug. 8, 2025, 4:15 p.m. | 3 hours, 5 minutes ago
Description : In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker can craft malicious XML containing references to internal URLs, this results in a Server-Side Request Forgery (SSRF).
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8356
Published : Aug. 8, 2025, 4:15 p.m. | 3 hours, 5 minutes ago
Description : In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to access unauthorized files on the server. This can lead to Remote Code Execution (RCE), allowing the attacker to run arbitrary commands on the system.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8731 - TRENDnet SSH Service Default Credentials Vulnerability (Critical)
CVE ID : CVE-2025-8731
Published : Aug. 8, 2025, 4:15 p.m. | 3 hours, 5 minutes ago
Description : A vulnerability was found in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. It has been classified as critical. This affects an unknown part of the component SSH Service. The manipulation leads to use of default credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36023 - IBM Cloud Pak for Business Automation Information Disclosure Vulnerability
CVE ID : CVE-2025-36023
Published : Aug. 8, 2025, 3:15 p.m. | 4 hours, 5 minutes ago
Description : IBM Cloud Pak for Business Automation 24.0.0 through 24.0.0 IF005 and 24.0.1 through 24.0.1 IF002 could allow an authenticated user to view sensitive user and system information due to an indirect object reference through a user-controlled key.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36119 - IBM Digital Certificate Manager for i Web Session Hijacking Privilege Escalation
CVE ID : CVE-2025-36119
Published : Aug. 8, 2025, 3:15 p.m. | 4 hours, 5 minutes ago
Description : IBM i 7.3, 7.4, 7.5, and 7.6 is affected by an authenticated user obtaining elevated privileges with IBM Digital Certificate Manager for i (DCM) due to a web session hijacking vulnerability. An authenticated user without administrator privileges could exploit this vulnerability to perform actions in DCM as an administrator.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8730 - Belkin Web Interface Hard-Coded Credentials Remote Vulnerability
CVE ID : CVE-2025-8730
Published : Aug. 8, 2025, 3:15 p.m. | 4 hours, 5 minutes ago
Description : A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as critical. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation leads to hard-coded credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2020-9322
Published : Aug. 8, 2025, 3:15 p.m. | 2 hours, 5 minutes ago
Description : The /users endpoint in Statamic Core before 2.11.8 allows XSS to add an administrator user. This can be exploited via CSRF. Stored XSS can occur via a JavaScript payload in a username during account registration. Reflected XSS can occur via the /users PATH_INFO.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8729
Published : Aug. 8, 2025, 2:15 p.m. | 3 hours, 5 minutes ago
Description : A vulnerability has been found in MigoXLab LMeterX 1.2.0 and classified as critical. Affected by this vulnerability is the function process_cert_files of the file backend/service/upload_service.py. The manipulation of the argument task_id leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is f1b00597e293d09452aabd4fa57f3185207350e8. It is recommended to apply a patch to fix this issue.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8088
Published : Aug. 8, 2025, 12:15 p.m. | 5 hours, 5 minutes ago
Description : A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček
from ESET.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8749 - MiR API Path Traversal Vulnerability
CVE ID : CVE-2025-8749
Published : Aug. 8, 2025, 12:15 p.m. | 5 hours, 5 minutes ago
Description : Path Traversal vulnerability in API Endpoint in Mobile Industrial Robots (MiR) Software Versions prior to 3.0.0 on MiR Robots allows authenticated users to extract files from the robot file system via a crafted API request.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8748 - MiR Command Injection Vulnerability
CVE ID : CVE-2025-8748
Published : Aug. 8, 2025, 11:15 a.m. | 6 hours, 5 minutes ago
Description : MiR software versions prior to version 3.0.0 are affected by a command injection vulnerability. A malicious
HTTP request crafted by an authenticated user could allow the execution of arbitrary commands on the
underlying operating system.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48913
Published : Aug. 8, 2025, 10:15 a.m. | 7 hours, 5 minutes ago
Description : If untrusted users are allowed to configure JMS for Apache CXF, previously they could use RMI or LDAP URLs, potentially leading to code execution capabilities. This interface is now restricted to reject those protocols, removing this possibility.
Users are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53606 - Apache Seata (incubating) Deserialization of Untrusted Data Remote Code Execution
CVE ID : CVE-2025-53606
Published : Aug. 8, 2025, 10:15 a.m. | 7 hours, 5 minutes ago
Description : Deserialization of Untrusted Data vulnerability in Apache Seata (incubating).
This issue affects Apache Seata (incubating): 2.4.0.
Users are recommended to upgrade to version 2.5.0, which fixes the issue.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6572
Published : Aug. 8, 2025, 6:15 a.m. | 11 hours, 5 minutes ago
Description : The OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) WordPress plugin through 1.2.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54940 - WordPress Advanced Custom Fields HTML Injection Vulnerability
CVE ID : CVE-2025-54940
Published : Aug. 8, 2025, 5:15 a.m. | 12 hours, 5 minutes ago
Description : An HTML injection vulnerability exists in WordPress plugin "Advanced Custom Fields" prior to 6.4.3. If this vulnerability is exploited, crafted HTML code may be rendered and page display may be tampered.
Severity: 3.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54958 - Powered BLUE OS Command Injection Vulnerability
CVE ID : CVE-2025-54958
Published : Aug. 8, 2025, 5:15 a.m. | 12 hours, 5 minutes ago
Description : Powered BLUE 870 versions 0.20130927 and prior contain an OS command injection vulnerability. If this vulnerability is exploited, arbitrary OS commands may be executed on the affected product.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54959 - BLUE Server File Traversal Vulnerability
CVE ID : CVE-2025-54959
Published : Aug. 8, 2025, 5:15 a.m. | 12 hours, 5 minutes ago
Description : Powered BLUE Server versions 0.20130927 and prior contain a path traversal vulnerability. If this vulnerability is exploited, an arbitrary file in the affected product may be disclosed.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-58256 - EnzoH OS Command Injection Vulnerability
CVE ID : CVE-2024-58256
Published : Aug. 8, 2025, 4:16 a.m. | 13 hours, 4 minutes ago
Description : EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-58257
Published : Aug. 8, 2025, 4:16 a.m. | 13 hours, 4 minutes ago
Description : EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-58255 - EnzoH OS Command Injection Vulnerability
CVE ID : CVE-2024-58255
Published : Aug. 8, 2025, 4:15 a.m. | 13 hours, 4 minutes ago
Description : EnzoH has an OS command injection vulnerability. Successful exploitation of this vulnerability may lead to arbitrary command execution.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8707
Published : Aug. 8, 2025, 3:15 a.m. | 14 hours, 5 minutes ago
Description : A vulnerability was found in Huuge Box App 1.0.3 on Android. It has been classified as problematic. This affects an unknown part of the file AndroidManifest.xml of the component com.huuge.game.zjbox. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8708
Published : Aug. 8, 2025, 3:15 a.m. | 14 hours, 5 minutes ago
Description : A vulnerability was found in Antabot White-Jotter 0.22. It has been declared as critical. This vulnerability affects the function CookieRememberMeManager of the file ShiroConfiguration.java of the component com.gm.wj.config.ShiroConfiguration. The manipulation with the input EVANNIGHTLY_WAOU leads to deserialization. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8706 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability
CVE ID : CVE-2025-8706
Published : Aug. 8, 2025, 2:15 a.m. | 15 hours, 5 minutes ago
Description : A vulnerability has been found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /CommonSolution/CreateFunctionLog of the component Energy Overview Module. The manipulation of the argument MM_MenID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54886
Published : Aug. 8, 2025, 1:15 a.m. | 14 hours, 58 minutes ago
Description : skops is a Python library which helps users share and ship their scikit-learn based models. In versions 0.12.0 and below, the Card.get_model does not contain any logic to prevent arbitrary code execution. The Card.get_model function supports both joblib and skops for model loading. When loading .skops models, it uses skops' secure loading with trusted type validation, raising errors for untrusted types unless explicitly allowed. However, when non-.zip file formats are provided, the function silently falls back to joblib without warning. Unlike skops, joblib allows arbitrary code execution during loading, bypassing security measures and potentially enabling malicious code execution. This issue is fixed in version 0.13.0.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54887 - jwe JSON Web Encryption Authentication Tag Brute Force Vulnerability
CVE ID : CVE-2025-54887
Published : Aug. 8, 2025, 1:15 a.m. | 14 hours, 58 minutes ago
Description : jwe is a Ruby implementation of the RFC 7516 JSON Web Encryption (JWE) standard. In versions 1.1.0 and below, authentication tags of encrypted JWEs can be brute forced, which may result in loss of confidentiality for those JWEs and provide ways to craft arbitrary JWEs. This puts users at risk because JWEs can be modified to decrypt to an arbitrary value, decrypted by observing parsing differences and the GCM internal GHASH key can be recovered. Users are affected by this vulnerability even if they do not use an AES-GCM encryption algorithm for their JWEs. As the GHASH key may have been leaked, users must rotate the encryption keys after upgrading. This issue is fixed in version 1.1.1.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8703 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability
CVE ID : CVE-2025-8703
Published : Aug. 8, 2025, 1:15 a.m. | 14 hours, 58 minutes ago
Description : A vulnerability classified as critical was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This vulnerability affects unknown code of the file /WEAS_HomePage/GetAreaTrendChartData of the component Environmental Real-Time Data Module. The manipulation of the argument energyId leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8704 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection
CVE ID : CVE-2025-8704
Published : Aug. 8, 2025, 1:15 a.m. | 14 hours, 58 minutes ago
Description : A vulnerability, which was classified as critical, has been found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This issue affects some unknown processing of the file /WEAS_AlarmResult/GetAlarmResultProcessList of the component Analysis Conclusion Query Module. The manipulation of the argument resultId leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8705 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability
CVE ID : CVE-2025-8705
Published : Aug. 8, 2025, 1:15 a.m. | 14 hours, 58 minutes ago
Description : A vulnerability, which was classified as critical, was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. Affected is an unknown function of the file /WEAS_HomePage/GetTargetConfig of the component Energy Overview Module. The manipulation of the argument BP_ProID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54793 - Astro Open Redirect Vulnerability
CVE ID : CVE-2025-54793
Published : Aug. 8, 2025, 1:15 a.m. | 14 hours, 5 minutes ago
Description : Astro is a web framework for content-driven websites. In versions 5.2.0 through 5.12.7, there is an Open Redirect vulnerability in the trailing slash redirection logic when handling paths with double slashes. This allows an attacker to redirect users to arbitrary external domains by crafting URLs such as https://mydomain.com//malicious-site.com/. This increases the risk of phishing and other social engineering attacks. This affects sites that use on-demand rendering (SSR) with the Node or Cloudflare adapters. It does not affect static sites, or sites deployed to Netlify or Vercel. This issue is fixed in version 5.12.8. To work around this issue at the network level, block outgoing redirect responses with a Location header value that starts with `//`.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54368 - "uv ZIP Archive Extraction Vulnerability"
CVE ID : CVE-2025-54368
Published : Aug. 8, 2025, 12:15 a.m. | 15 hours, 4 minutes ago
Description : uv is a Python package and project manager written in Rust. In versions 0.8.5 and earlier, remote ZIP archives were handled in a streamwise fashion, and file entries were not reconciled against the archive's central directory. An attacker could contrive a ZIP archive that would extract with legitimate contents on some package installers, and malicious contents on others due to multiple local file entries. An attacker could also contrive a "stacked" ZIP input with multiple internal ZIPs, which would be handled differently by different package installers. The attacker could choose which installer to target in both scenarios. This issue is fixed in version 0.8.6. To work around this issue, users may choose to set UV_INSECURE_NO_ZIP_VALIDATION=1 to revert to the previous behavior.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54952
Published : Aug. 8, 2025, 12:15 a.m. | 15 hours, 4 minutes ago
Description : An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8702 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability
CVE ID : CVE-2025-8702
Published : Aug. 8, 2025, 12:15 a.m. | 15 hours, 4 minutes ago
Description : A vulnerability classified as critical has been found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This affects an unknown part of the file /CommonSolution/GetVariableByOneIDNew of the component Historical Data Query Module. The manipulation of the argument ObjectID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54951
Published : Aug. 7, 2025, 11:15 p.m. | 15 hours, 12 minutes ago
Description : A group of related buffer overflow vulnerabilities in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit cea9b23aa8ff78aff92829a466da97461cc7930c.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54949
Published : Aug. 7, 2025, 11:15 p.m. | 12 hours, 40 minutes ago
Description : A heap buffer overflow vulnerability in the loading of ExecuTorch models can potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit ede82493dae6d2d43f8c424e7be4721abe5242be
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54950
Published : Aug. 7, 2025, 11:15 p.m. | 12 hours, 40 minutes ago
Description : An out-of-bounds access vulnerability in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit fb03b6f85596a8f954d97929075335255b6a58d4.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30405
Published : Aug. 7, 2025, 11:15 p.m. | 12 hours, 2 minutes ago
Description : An integer overflow vulnerability in the loading of ExecuTorch models can cause objects to be placed outside their allocated memory area, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 0830af8207240df8d7f35b984cdf8bc35d74fa73.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30404
Published : Aug. 7, 2025, 11:15 p.m. | 10 hours, 33 minutes ago
Description : An integer overflow vulnerability in the loading of ExecuTorch models can cause overlapping allocations, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit d158236b1dc84539c1b16843bc74054c9dcba006.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54787
Published : Aug. 7, 2025, 10:15 p.m. | 11 hours, 33 minutes ago
Description : SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. There is a vulnerability in SuiteCRM version 7.14.6 which allows unauthenticated downloads of any file from the upload-directory, as long as it is named by an ID (e.g. attachments). An unauthenticated attacker could download internal files when he discovers a valid file-ID.
Valid IDs could be brute-forced, but this is quite time-consuming as the file-IDs are usually UUIDs. This issue is fixed in version 7.14.7.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53787 - Microsoft 365 Copilot BizChat Sensitive Data Exposure
CVE ID : CVE-2025-53787
Published : Aug. 7, 2025, 9:15 p.m. | 8 hours, 3 minutes ago
Description : Microsoft 365 Copilot BizChat Information Disclosure Vulnerability
Severity: 8.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53792
Published : Aug. 7, 2025, 9:15 p.m. | 8 hours, 3 minutes ago
Description : Azure Portal Elevation of Privilege Vulnerability
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8698 - Open5GS AMF Service Assertion Vulnerability
CVE ID : CVE-2025-8698
Published : Aug. 7, 2025, 9:15 p.m. | 8 hours, 3 minutes ago
Description : A vulnerability was found in Open5GS up to 2.7.5. It has been classified as problematic. Affected is the function amf_nsmf_pdusession_handle_release_sm_context of the file src/amf/nsmf-handler.c of the component AMF Service. The manipulation leads to reachable assertion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The name of the patch is 66bc558e417e70ae216ec155e4e81c14ae0ecf30. It is recommended to apply a patch to fix this issue.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8701 - Wanzhou WOES Intelligent Optimization Energy Saving System SQL Injection Vulnerability
CVE ID : CVE-2025-8701
Published : Aug. 7, 2025, 9:15 p.m. | 8 hours, 3 minutes ago
Description : A vulnerability was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /OL_OprationLog/GetPageList. The manipulation of the argument optUser leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-45765
Published : Aug. 7, 2025, 9:15 p.m. | 6 hours, 22 minutes ago
Description : ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective is "keysize is not something that is enforced by this library. Currently more recent versions of OpenSSL are enforcing some key sizes and those restrictions apply to the users of this gem also."
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53767
Published : Aug. 7, 2025, 9:15 p.m. | 6 hours, 22 minutes ago
Description : Azure OpenAI Elevation of Privilege Vulnerability
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53774 - Microsoft 365 Copilot BizChat Unauthenticated Data Exposure
CVE ID : CVE-2025-53774
Published : Aug. 7, 2025, 9:15 p.m. | 6 hours, 22 minutes ago
Description : Microsoft 365 Copilot BizChat Information Disclosure Vulnerability
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-26513 - EMC SAN Host Utilities Privilege Escalation Vulnerability
CVE ID : CVE-2025-26513
Published : Aug. 7, 2025, 9:15 p.m. | 6 hours, 3 minutes ago
Description : The installer for SAN Host Utilities for Windows versions prior to 8.0 is susceptible to a vulnerability which when successfully exploited could allow a local user to escalate their privileges.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48709
Published : Aug. 7, 2025, 8:15 p.m. | 7 hours, 3 minutes ago
Description : An issue was discovered in BMC Control-M 9.0.21.300. When Control-M Server has a database connection, it runs DBUStatus.exe frequently, which then calls dbu_connection_details.vbs with the username, password, database hostname, and port written in cleartext, which can be seen in event and process logs in two separate locations.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47183 - GStreamer Isomp4 Information Disclosure
CVE ID : CVE-2025-47183
Published : Aug. 7, 2025, 8:15 p.m. | 4 hours, 34 minutes ago
Description : In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47219 - GStreamer isomp4 Information Disclosure Vulnerability
CVE ID : CVE-2025-47219
Published : Aug. 7, 2025, 8:15 p.m. | 4 hours, 34 minutes ago
Description : In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47806
Published : Aug. 7, 2025, 8:15 p.m. | 4 hours, 34 minutes ago
Description : In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47807
Published : Aug. 7, 2025, 8:15 p.m. | 4 hours, 34 minutes ago
Description : In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47808
Published : Aug. 7, 2025, 8:15 p.m. | 4 hours, 34 minutes ago
Description : In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.
Severity: 5.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7195 - Operator-SDK Insecure User Setup Permissions Vulnerability
CVE ID : CVE-2025-7195
Published : Aug. 7, 2025, 7:15 p.m. | 5 hours, 34 minutes ago
Description : Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.15.2 to scaffold their operator may still be impacted by this if the insecure user_setup script is still being used to build new container images. In affected images, the /etc/passwd file was created during build time with group-writable permissions and a group ownership of root (gid=0). An attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.
Severity: 5.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8697 - AgentUniverse MCPSessionManager/MCPTool/MCPToolkit Os Command Injection Vulnerability
CVE ID : CVE-2025-8697
Published : Aug. 7, 2025, 7:15 p.m. | 5 hours, 34 minutes ago
Description : A vulnerability was found in agentUniverse up to 0.0.18 and classified as critical. This issue affects the function StdioServerParameters of the component MCPSessionManager/MCPTool/MCPToolkit. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50675
Published : Aug. 7, 2025, 7:15 p.m. | 3 hours, 33 minutes ago
Description : GPMAW 14, a bioinformatics software, has a critical vulnerability related to insecure file permissions in its installation directory. The directory is accessible with full read, write, and execute permissions for all users, allowing unprivileged users to manipulate files within the directory, including executable files like GPMAW3.exe, Fragment.exe, and the uninstaller GPsetup64_17028.exe. An attacker with user-level access can exploit this misconfiguration by replacing or modifying the uninstaller (GPsetup64_17028.exe) with a malicious version. While the application itself runs in the user's context, the uninstaller is typically executed with administrative privileges when an administrator attempts to uninstall the software. By exploiting this flaw, an attacker could gain administrative privileges and execute arbitrary code in the context of the admin, resulting in privilege escalation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50692
Published : Aug. 7, 2025, 7:15 p.m. | 3 hours, 33 minutes ago
Description : FoxCMS <=v1.2.5 is vulnerable to Code Execution in admin/template_file/editFile.html.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51533
Published : Aug. 7, 2025, 7:15 p.m. | 3 hours, 33 minutes ago
Description : An Insecure Direct Object Reference (IDOR) in Sage DPW v2024_12_004 and below allows unauthorized attackers to access internal forms via sending a crafted GET request.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55077
Published : Aug. 7, 2025, 7:15 p.m. | 3 hours, 33 minutes ago
Description : Tyler Technologies ERP Pro 9 SaaS allows an authenticated user to escape the application and execute limited operating system commands within the remote Microsoft Windows environment with the privileges of the authenticated user. Tyler Technologies deployed hardened remote Windows environment settings to all ERP Pro 9 SaaS customer environments as of 2025-08-01.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41530
Published : Aug. 7, 2025, 6:15 p.m. | 4 hours, 33 minutes ago
Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41531 - Hospital Management System SQL Injection Vulnerability
CVE ID : CVE-2023-41531
Published : Aug. 7, 2025, 6:15 p.m. | 4 hours, 33 minutes ago
Description : Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func3.php via the username1 and password2 parameters.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41532 - Medicore Hospital Management System SQL Injection
CVE ID : CVE-2023-41532
Published : Aug. 7, 2025, 6:15 p.m. | 4 hours, 33 minutes ago
Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the doctor_contact parameter in doctorsearch.php.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51629
Published : Aug. 7, 2025, 6:15 p.m. | 4 hours, 33 minutes ago
Description : A cross-site scripting (XSS) vulnerability in the PdfViewer component of Agenzia Impresa Eccobook 2.81.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Temp parameter.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41521 - SAM System SQL Injection Vulnerability
CVE ID : CVE-2023-41521
Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago
Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createSessionTerm.php via the id, termId, and sessionName parameters.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41522
Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago
Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createStudents.php via the Id, firstname, and admissionNumber parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41523
Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago
Description : Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the emailAddress parameter at createClassTeacher.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41524
Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago
Description : Student Attendance Management System v1 was discovered to contain a SQL injection vulnerability via the username parameter at index.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41525 - MedCare Hospital Management System SQL Injection
CVE ID : CVE-2023-41525
Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago
Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the patient_contact parameter in patientsearch.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41526 - "MediCare Hospital Management System SQL Injection Vulnerability"
CVE ID : CVE-2023-41526
Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago
Description : Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in func1.php via the username3 and password3 parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41527 - Medcare Hospital Management System SQL Injection
CVE ID : CVE-2023-41527
Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago
Description : Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the password2 parameter in func.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-41528
Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago
Description : Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in contact.php via the txtname, txtphone, and txtmail parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41529 - "MediSys Hospital Management System Cross-Site Scripting Vulnerability"
CVE ID : CVE-2023-41529
Published : Aug. 7, 2025, 6:15 p.m. | 2 hours, 56 minutes ago
Description : Hospital Management System v4 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in func2.php via the fname and lname parameters.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-40992 - Apache Hospital Management System SQL Injection Vulnerability
CVE ID : CVE-2023-40992
Published : Aug. 7, 2025, 6:15 p.m. | 1 hour, 16 minutes ago
Description : Hospital Management System 4 is vulnerable to a SQL injection in /Hospital-Management-System-master/func.php via the password2 parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41519 - SAM System Cross-Site Scripting Vulnerability
CVE ID : CVE-2023-41519
Published : Aug. 7, 2025, 6:15 p.m. | 1 hour, 16 minutes ago
Description : Student Attendance Management System v1 was discovered to contain a cross-site scripting (XSS) vulnerability via the sessionName parameter at createSessionTerm.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-41520 - SAM System SQL Injection Vulnerability
CVE ID : CVE-2023-41520
Published : Aug. 7, 2025, 6:15 p.m. | 1 hour, 16 minutes ago
Description : Student Attendance Management System v1 was discovered to contain multiple SQL injection vulnerabilities in createClassArms.php via the classId and classArmName parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54397 - Netwrix Directory Manager Information Disclosure Vulnerability
CVE ID : CVE-2025-54397
Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 16 minutes ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 inserts Sensitive Information Into Sent Data to authenticated users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55137
Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 16 minutes ago
Description : LinkJoin through 882f196 mishandles lacks type checking in password reset.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55138
Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 16 minutes ago
Description : LinkJoin through 882f196 mishandles token ownership in password reset.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-34152 - "Aitemi M300 Wi-Fi Repeater OS Command Injection"
CVE ID : CVE-2025-34152
Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 1 minute ago
Description : An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) via the 'time' parameter of the '/protocol.csp?' endpoint. The input is processed by the internal date '-s' command without rebooting or disrupting HTTP service. Unlike other injection points, this vector allows remote compromise without triggering visible configuration changes.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54392
Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 1 minute ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication error data, a different vulnerability than CVE-2025-47189.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54393
Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 1 minute ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows Static Code Injection. Authenticated users can obtain administrative access.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54394
Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 1 minute ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 has Insufficiently Protected Credentials for requests to remote Excel resources.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54395
Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 1 minute ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows XSS for authentication configuration data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54396
Published : Aug. 7, 2025, 5:15 p.m. | 2 hours, 1 minute ago
Description : Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 before 11.1.25162.02 allows SQL Injection. Authenticated users can exploit this.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-42048 - OpenOrange Business Framework Privilege Escalation
CVE ID : CVE-2024-42048
Published : Aug. 7, 2025, 5:15 p.m. | 16 minutes ago
Description : OpenOrange Business Framework 1.15.5 provides unprivileged users with write access to the installation directory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-24000 - WPExperts Post SMTP Authentication Bypass
CVE ID : CVE-2025-24000
Published : Aug. 7, 2025, 5:15 p.m. | 16 minutes ago
Description : Authentication Bypass Using an Alternate Path or Channel vulnerability in WPExperts Post SMTP allows Authentication Bypass.This issue affects Post SMTP: from n/a through 3.2.0.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34148
Published : Aug. 7, 2025, 5:15 p.m. | 16 minutes ago
Description : An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02). When configuring the device in WISP mode, the 'ssid' parameter is passed unsanitized to system-level scripts. This allows remote attackers within Wi-Fi range to inject arbitrary shell commands that execute as root, resulting in full device compromise.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34149
Published : Aug. 7, 2025, 5:15 p.m. | 16 minutes ago
Description : A command injection vulnerability affects the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) during WPA2 configuration. The 'key' parameter is interpreted directly by the system shell, enabling attackers to execute arbitrary commands as root. Exploitation requires no authentication and can be triggered during wireless setup.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34150
Published : Aug. 7, 2025, 5:15 p.m. | 16 minutes ago
Description : The PPPoE configuration interface of the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) is vulnerable to command injection via the 'user' parameter. Input is processed unsafely during network setup, allowing attackers to execute arbitrary system commands with root privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34151
Published : Aug. 7, 2025, 5:15 p.m. | 16 minutes ago
Description : A command injection vulnerability exists in the 'passwd' parameter of the PPPoE setup process on the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02). The input is passed directly to system-level commands without sanitation, enabling unauthenticated attackers to achieve root-level code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-56339 - IBM WebSphere Application Server Bypass of Security Restrictions Vulnerability
CVE ID : CVE-2024-56339
Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago
Description : IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 could allow a remote attacker to bypass security restrictions caused by a failure to honor security configuration.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-44779
Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago
Description : An issue in Ollama v0.1.33 allows attackers to delete arbitrary files via sending a crafted packet to the endpoint /api/pull.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47907
Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago
Description : Cancelling a query (e.g. by cancelling the context passed to one of the query methods) during a call to the Scan method of the returned Rows can result in unexpected results if other queries are being made in parallel. This can result in a race condition that may overwrite the expected results with those of another query, causing the call to Scan to return either unexpected results from the other query or an error.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55133 - Agora Foundation Agora Cross-Site Scripting (XSS)
CVE ID : CVE-2025-55133
Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago
Description : In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via topicName in client/agora/public/js/editorManager.js.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55134 - "Agora Foundation Agora XSS Injection Vulnerability"
CVE ID : CVE-2025-55134
Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago
Description : In Agora Foundation Agora fall23-Alpha1 before b087490, there is XSS via tag in client/agora/public/js/editorManager.js.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55135 - Agora Foundation Agora XSS via SVG Profile Picture
CVE ID : CVE-2025-55135
Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago
Description : In Agora Foundation Agora fall23-Alpha1 before 690ce56, there is XSS via a profile picture to server/controller/userController.js. Formats other than PNG, JPEG, and WEBP are permitted by server/routes/userRoutes.js; this includes SVG.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55136
Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago
Description : ERC (aka Emotion Recognition in Conversation) through 0.3 has insecure deserialization via a serialized object because jsonpickle is used.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7054
Published : Aug. 7, 2025, 4:15 p.m. | 1 hour, 16 minutes ago
Description : Cloudflare quiche was discovered to be vulnerable to an infinite loop when sending packets containing RETIRE_CONNECTION_ID frames.
QUIC connections possess a set of connection identifiers (IDs); see Section 5.1 of RFC 9000 https://datatracker.ietf.org/doc/html/rfc9000#section-5.1 . Once the QUIC handshake completes, a local endpoint is responsible for issuing and retiring Connection IDs that are used by the remote peer to populate the Destination Connection ID field in packets sent from remote to local. Each Connection ID has a sequence number to ensure synchronization between peers.
An unauthenticated remote attacker can exploit this vulnerability by first completing a handshake and then sending a specially-crafted set of frames that trigger a connection ID retirement in the victim. When the victim attempts to send a packet containing RETIRE_CONNECTION_ID frames, Section 19.16 of RFC 9000 https://datatracker.ietf.org/doc/html/rfc9000#section-19.6 requires that the sequence number of the retired connection ID must not be the same as the sequence number of the connection ID used by the packet. In other words, a packet cannot contain a frame that retires itself. In scenarios such as path migration, it is possible for there to be multiple active paths with different active connection IDs that could be used to retire each other. The exploit triggered an unintentional behaviour of a quiche design feature that supports retirement across paths while maintaining full connection ID synchronization, leading to an infinite loop.This issue affects quiche: from 0.15.0 before 0.24.5.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47188
Published : Aug. 7, 2025, 3:15 p.m. | 2 hours, 16 minutes ago
Description : A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit through 6.4 SP4, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands within the context of the phone, leading to disclosure or modification of sensitive configuration data or affecting device availability and operation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50952
Published : Aug. 7, 2025, 3:15 p.m. | 2 hours, 16 minutes ago
Description : openjpeg v 2.5.0 was discovered to contain a NULL pointer dereference via the component /openjp2/dwt.c.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-52680 - EyouCMS Cross Site Scripting Vulnerability
CVE ID : CVE-2024-52680
Published : Aug. 7, 2025, 2:15 p.m. | 3 hours ago
Description : EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in /login.php?m=admin&c=System&a=web&lang=cn.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-55401
Published : Aug. 7, 2025, 2:15 p.m. | 3 hours ago
Description : An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8533
Published : Aug. 7, 2025, 10:15 a.m. | 7 hours ago
Description : A vulnerability was identified in the XPC services of Fantastical. The services failed to implement proper client authorization checks in its listener:shouldAcceptNewConnection method, unconditionally accepting requests from any local process. As a result, any local, unprivileged process could connect to the XPC service and access its methods.
This issue has been resolved in version 4.0.16.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29866
Published : Aug. 7, 2025, 6:15 a.m. | 11 hours ago
Description : : External Control of File Name or Path vulnerability in TAGFREE X-Free Uploader XFU allows : Parameter Injection.This issue affects X-Free Uploader: from 1.0.1.0084 before 1.0.1.0085, from 2.0.1.0034 before 2.0.1.0035.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-35970
Published : Aug. 7, 2025, 6:15 a.m. | 11 hours ago
Description : On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password is easy to guess from the information available via SNMP. If the administrator password is not changed from the initial one, a remote attacker with SNMP access can log in to the product with the administrator privilege.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-32094
Published : Aug. 7, 2025, 5:15 a.m. | 12 hours ago
Description : An issue was discovered in Akamai Ghost, as used for the Akamai CDN platform before 2025-03-26. Under certain circumstances, a client making an HTTP/1.x OPTIONS request with an "Expect: 100-continue" header, and using obsolete line folding, can lead to a discrepancy in how two in-path Akamai servers interpret the request, allowing an attacker to smuggle a second request in the original request body.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29865
Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago
Description : : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TAGFREE X-Free Uploader XFU allows Path Traversal.This issue affects X-Free Uploader: from 1.0.1.0084 before 1.0.1.0085, from 2.0.1.0034 before 2.0.1.0035.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8576 - "Google Chrome Extensions Use After Free Heap Corruption Vulnerability"
CVE ID : CVE-2025-8576
Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago
Description : Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8577 - Google Chrome Picture In Picture UI Spoofing Vulnerability
CVE ID : CVE-2025-8577
Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago
Description : Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8578 - Google Chrome Use After Free Heap Corruption Vulnerability
CVE ID : CVE-2025-8578
Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago
Description : Use after free in Cast in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8579 - Google Chrome Picture In Picture UI Spoofing Vulnerability
CVE ID : CVE-2025-8579
Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago
Description : Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8580 - Google Chrome Filesystems UI Spoofing Vulnerability
CVE ID : CVE-2025-8580
Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago
Description : Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8581 - Google Chrome Extensions Cross-Origin Data Leakage
CVE ID : CVE-2025-8581
Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago
Description : Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8582 - Google Chrome URL Bar Spoofing Vulnerability
CVE ID : CVE-2025-8582
Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago
Description : Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8583 - Google Chrome Permissions UI Spoofing Vulnerability
CVE ID : CVE-2025-8583
Published : Aug. 7, 2025, 2:15 a.m. | 15 hours ago
Description : Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-3770
Published : Aug. 7, 2025, 1:15 a.m. | 14 hours, 49 minutes ago
Description : EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54783
Published : Aug. 7, 2025, 1:15 a.m. | 14 hours, 49 minutes ago
Description : SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Versions 7.14.6 and below have a Reflected Cross-Site Scripting (XSS) vulnerability. This vulnerability allows an attacker to execute JavaScript code by modifying the HTTP Referer header to include some arbitrary domain with malicious JavaScript code at the end. The server will attempt to block the arbitrary domain but allow the JavaScript code to execute. This is fixed in version 7.14.7.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54784 - SuiteCRM Cross Site Scripting (XSS) Vulnerability
CVE ID : CVE-2025-54784
Published : Aug. 7, 2025, 1:15 a.m. | 14 hours, 49 minutes ago
Description : SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. There is a Cross Site Scripting (XSS) vulnerability in the email viewer in versions 7.14.0 through 7.14.6. An external attacker could send a prepared message to the inbox of the SuiteCRM-instance. By simply viewing emails as the logged-in user, the payload can be triggered. With that, an attacker is able to run arbitrary actions as the logged-in user - like extracting data, or if it is an admin executing the payload, takeover the instance. This is fixed in versions 7.14.7.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54798 - tmp Node.js Symbolic Link Directory Write Vulnerability
CVE ID : CVE-2025-54798
Published : Aug. 7, 2025, 1:15 a.m. | 14 hours, 49 minutes ago
Description : tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54799 - Lego ACME Library HTTP to HTTPS Enforcement Weakness
CVE ID : CVE-2025-54799
Published : Aug. 7, 2025, 1:15 a.m. | 14 hours, 49 minutes ago
Description : Let's Encrypt client and ACME library written in Go (Lego). In versions 4.25.1 and below, the github.com/go-acme/lego/v4/acme/api package (thus the lego library and the lego cli as well) don't enforce HTTPS when talking to CAs as an ACME client. Unlike the http-01 challenge which solves an ACME challenge over unencrypted HTTP, the ACME protocol requires HTTPS when a client communicates with the CA to performs ACME functions. However, the library fails to enforce HTTPS both in the original discover URL (configured by the library user) and in the subsequent addresses returned by the CAs in the directory and order objects. If users input HTTP URLs or CAs misconfigure endpoints, protocol operations occur over HTTP instead of HTTPS. This compromises privacy by exposing request/response details like account and request identifiers to network attackers. This was fixed in version 4.25.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54882 - Microsoft Azure Entra ID and Intune Himmelblau World Readable Kerberos Credential Cache
CVE ID : CVE-2025-54882
Published : Aug. 7, 2025, 1:15 a.m. | 14 hours, 49 minutes ago
Description : Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. In versions 0.8.0 through 0.9.21 and 1.0.0-beta through 1.1.0, Himmelblau stores the cloud TGT received during logon in the Kerberos credential cache. The created credential cache collection and received credentials are stored as world readable. This is fixed in versions 0.9.22 and 1.2.0. To work around this issue, remove all read access to Himmelblau caches for all users except for owners.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54885
Published : Aug. 7, 2025, 1:15 a.m. | 14 hours, 49 minutes ago
Description : Thinbus Javascript Secure Remote Password is a browser SRP6a implementation for zero-knowledge password authentication. In versions 2.0.0 and below, a protocol compliance bug causes the client to generate a fixed 252 bits of entropy instead of the intended bit length of the safe prime (defaulted to 2048 bits). The client public value is being generated from a private value that is 4 bits below the specification. This reduces the protocol's designed security margin it is now practically exploitable. The servers full sized 2048 bit random number is used to create the shared session key and password proof. This is fixed in version 2.0.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54788
Published : Aug. 7, 2025, 12:15 a.m. | 15 hours, 49 minutes ago
Description : SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions and below, the InboundEmail module allows the arbitrary execution of queries in the backend database, leading to SQL injection. This can have wide-reaching implications on confidentiality, integrity, and availability, as database data can be retrieved, modified, or removed entirely. This issue is fixed in version 7.14.7.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54785
Published : Aug. 7, 2025, 12:15 a.m. | 15 hours ago
Description : SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions 7.14.6 and 8.8.0, user-supplied input is not validated/sanitized before it is passed to the unserialize function, which could lead to penetration, privilege escalation, sensitive data exposure, Denial of Service, cryptomining and ransomware. This issue is fixed in version 7.14.7 and 8.8.1.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54786 - SuiteCRM Broken Authentication in iCal Service
CVE ID : CVE-2025-54786
Published : Aug. 7, 2025, 12:15 a.m. | 15 hours ago
Description : SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions 7.14.6 and 8.8.0, the broken authentication in the legacy iCal service allows unauthenticated access to meeting data. An unauthenticated actor can view any user's meeting (calendar event) data given their username, related functionality allows user enumeration. This is fixed in versions 7.14.7 and 8.8.1.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-3194
Published : Aug. 6, 2025, 11:15 p.m. | 14 hours, 15 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8086 - Apache HTTP Server Remote Code Execution Vulnerability
CVE ID : CVE-2025-8086
Published : Aug. 6, 2025, 11:15 p.m. | 14 hours, 15 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7770 - Tigo Energy CCA Predictable Session ID Vulnerability
CVE ID : CVE-2025-7770
Published : Aug. 6, 2025, 9:15 p.m. | 11 hours, 59 minutes ago
Description : Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. The session IDs are generated using a predictable method based on the current timestamp, allowing attackers to recreate valid session IDs. When combined with the ability to circumvent session ID requirements for certain commands, this enables unauthorized access to sensitive device functions on connected solar optimization systems.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7768 - Tigo Energy CCA Hard-Coded Credentials Vulnerability
CVE ID : CVE-2025-7768
Published : Aug. 6, 2025, 9:15 p.m. | 8 hours, 32 minutes ago
Description : Tigo Energy's Cloud Connect Advanced (CCA) device contains hard-coded credentials that allow unauthorized users to gain administrative access. This vulnerability enables attackers to escalate privileges and take full control of the device, potentially modifying system settings, disrupting solar energy production, and interfering with safety mechanisms.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7769 - Tigo Energy CCA Command Injection Vulnerability
CVE ID : CVE-2025-7769
Published : Aug. 6, 2025, 9:15 p.m. | 8 hours, 32 minutes ago
Description : Tigo Energy's CCA is vulnerable to a command injection vulnerability in the /cgi-bin/mobile_api endpoint when the DEVICE_PING command is called, allowing remote code execution due to improper handling of user input. When used with default credentials, this enables attackers to execute arbitrary commands on the device that could cause potential unauthorized access, service disruption, and data exposure.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6634 - Autodesk 3ds Max Memory Corruption Vulnerability
CVE ID : CVE-2025-6634
Published : Aug. 6, 2025, 9:15 p.m. | 7 hours, 59 minutes ago
Description : A maliciously crafted TGA file, when linked or imported into Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51052 - Vedo Suite Path Traversal Vulnerability
CVE ID : CVE-2025-51052
Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago
Description : A path traversal vulnerability in Vedo Suite 2024.17 allows remote authenticated attackers to read arbitrary filesystem files by exploiting an unsanitized 'file_get_contents()' function call in '/api_vedo/template'.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51053 - Vedo Suite Cross-site Scripting (XSS)
CVE ID : CVE-2025-51053
Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago
Description : A Cross-site scripting (XSS) vulnerability in /api_vedo/ in Vedo Suite version 2024.17 allows remote attackers to inject arbitrary Javascript or HTML code and potentially trigger code execution in victim's browser.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51054
Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago
Description : Vedo Suite 2024.17 is vulnerable to Incorrect Access Control, which allows remote attackers to obtain a valid high privilege JWT token without prior authentication via sending an empty HTTP POST request to the /autologin/ API endpoint.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51055 - Vedo Suite Insecure Data Storage Vulnerability
CVE ID : CVE-2025-51055
Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago
Description : Insecure Data Storage of credentials has been found in /api_vedo/configuration/config.yml file in Vedo Suite version 2024.17. This file contains clear-text credentials, secret keys, and database information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51056 - Vedo Suite Unrestricted File Upload RCE
CVE ID : CVE-2025-51056
Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago
Description : An unrestricted file upload vulnerability in Vedo Suite version 2024.17 allows remote authenticated attackers to write to arbitrary filesystem paths by exploiting the insecure 'uploadPreviews()' custom function in '/api_vedo/colorways_preview', ultimately resulting in remote code execution (RCE).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51057
Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago
Description : A local file inclusion (LFI) vulnerability in Vedo Suite version 2024.17 allows remote authenticated attackers to read arbitrary filesystem files by exploiting an unsanitized 'readfile()' function call in '/api_vedo/video/preview'.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51058 - Bottinelli Informatical Vedo Suite SSRF
CVE ID : CVE-2025-51058
Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago
Description : Bottinelli Informatical Vedo Suite 2024.17 is vulnerable to Server-side Request Forgery (SSRF) in the /api_vedo/video/preview endpoint, which allows remote authenticated attackers to trigger HTTP requests towards arbitrary remote paths via the "file" URL parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6632 - Autodesk 3ds Max Out-of-Bounds Read
CVE ID : CVE-2025-6632
Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago
Description : A maliciously crafted PSD file, when linked or imported into Autodesk 3ds Max, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6633 - Autodesk 3ds Max Out-of-Bounds Write Vulnerability
CVE ID : CVE-2025-6633
Published : Aug. 6, 2025, 9:15 p.m. | 4 hours, 15 minutes ago
Description : A maliciously crafted RBG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-55398
Published : Aug. 6, 2025, 9:15 p.m. | 1 hour, 59 minutes ago
Description : 4C Strategies Exonaut before v22.4 was discovered to contain insecure permissions.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-55399
Published : Aug. 6, 2025, 9:15 p.m. | 1 hour, 59 minutes ago
Description : 4C Strategies Exonaut before v21.6.2.1-1 was discovered to contain a Server-Side Request Forgery (SSRF).
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-55402
Published : Aug. 6, 2025, 9:15 p.m. | 1 hour, 59 minutes ago
Description : 4C Strategies Exonaut before v22.4 was discovered to contain an access control issue.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46660 - 4C Strategies Exonaut Hashing Without Salt Vulnerability
CVE ID : CVE-2025-46660
Published : Aug. 6, 2025, 9:15 p.m. | 1 hour, 59 minutes ago
Description : An issue was discovered in 4C Strategies Exonaut 21.6. Passwords, stored in the database, are hashed without a salt.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47908 - Apache Middleware Denial of Service Vulnerability
CVE ID : CVE-2025-47908
Published : Aug. 6, 2025, 9:15 p.m. | 1 hour, 59 minutes ago
Description : Middleware causes a prohibitive amount of heap allocations when processing malicious preflight requests that include a Access-Control-Request-Headers (ACRH) header whose value contains many commas. This behavior can be abused by attackers to produce undue load on the middleware/server as an attempt to cause a denial of service.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50740
Published : Aug. 6, 2025, 9:15 p.m. | 1 hour, 59 minutes ago
Description : AutoConnect 1.4.2, an Arduino library, is vulnerable to a cross site scripting (xss) vulnerability. The AutoConnect web interface /_ac/config allows HTML/JS code to be executed via a crafted network SSID.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38746 - Dell SupportAssist OS Recovery Exposure of Sensitive Information to an Unauthorized Actor
CVE ID : CVE-2025-38746
Published : Aug. 6, 2025, 8:15 p.m. | 2 hours, 59 minutes ago
Description : Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information Disclosure.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38747 - Dell SupportAssist Elevation of Privileges Vulnerability
CVE ID : CVE-2025-38747
Published : Aug. 6, 2025, 8:15 p.m. | 2 hours, 59 minutes ago
Description : Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contain a Creation of Temporary File With Insecure Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to Elevation of Privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-45764
Published : Aug. 6, 2025, 8:15 p.m. | 2 hours, 59 minutes ago
Description : jsrsasign v11.1.0 was discovered to contain weak encryption.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-45766 - Poco Weak Encryption Vulnerability
CVE ID : CVE-2025-45766
Published : Aug. 6, 2025, 8:15 p.m. | 2 hours, 59 minutes ago
Description : poco v1.14.1-release was discovered to contain weak encryption.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46659 - "4C Strategies Exonaut External HTTPS Information Disclosure"
CVE ID : CVE-2025-46659
Published : Aug. 6, 2025, 8:15 p.m. | 2 hours, 59 minutes ago
Description : An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. Information disclosure can occur via an external HTTPS request.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51624 - Zone Bitaqati Cross-Site Scripting (XSS)
CVE ID : CVE-2025-51624
Published : Aug. 6, 2025, 8:15 p.m. | 2 hours, 59 minutes ago
Description : Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8130
Published : Aug. 6, 2025, 7:15 p.m. | 2 hours, 11 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8667 - SkyworkAI DeepResearchAgent OS Command Injection Vulnerability
CVE ID : CVE-2025-8667
Published : Aug. 6, 2025, 6:15 p.m. | 3 hours, 11 minutes ago
Description : A vulnerability, which was classified as critical, was found in SkyworkAI DeepResearchAgent up to 08eb7f8eb9505d0094d75bb97ff7dacc3fa3bbf2. Affected is the function from_code/from_dict/from_mcp of the file src/tools/tools.py. The manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20215
Published : Aug. 6, 2025, 5:15 p.m. | 4 hours, 11 minutes ago
Description : A vulnerability in the meeting-join functionality of Cisco Webex Meetings could have allowed an unauthenticated, network-proximate attacker to complete a meeting-join process in place of an intended targeted user, provided the requisite conditions were satisfied. Cisco has addressed this vulnerability in the Cisco Webex Meetings service, and no customer action is needed.
This vulnerability existed due to client certificate validation issues. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by monitoring local wireless or adjacent networks for client-join requests and attempting to interrupt and complete the meeting-join flow as another user who was currently joining a meeting. To successfully exploit the vulnerability, an attacker would need the capability to position themselves in a local wireless or adjacent network, to monitor and intercept the targeted network traffic flows, and to satisfy timing requirements in order to interrupt the meeting-join flow and exploit the vulnerability. A successful exploit could have allowed the attacker to join the meeting as another user. However, the Cisco Product Security Incident Response Team (PSIRT) is not aware of any malicious use of the vulnerability that is described in this advisory.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20331
Published : Aug. 6, 2025, 5:15 p.m. | 4 hours, 11 minutes ago
Description : A vulnerability in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface.
This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on the affected device.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20332 - Cisco ISE HTTP Request Forgery (Remote Code Execution)
CVE ID : CVE-2025-20332
Published : Aug. 6, 2025, 5:15 p.m. | 4 hours, 11 minutes ago
Description : A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to modify parts of the configuration on an affected device.
This vulnerability is due to the lack of server-side validation of Administrator permissions. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system. A successful exploit could allow the attacker to modify descriptions of files on a specific page. To exploit this vulnerability, an attacker would need valid read-only Administrator credentials.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30127 - Marbella KR8s Dashcam FF Information Disclosure and File Access Vulnerability
CVE ID : CVE-2025-30127
Published : Aug. 6, 2025, 5:15 p.m. | 4 hours, 11 minutes ago
Description : An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Once access is gained either by default, common, or cracked passwords, the video recordings (containing sensitive routes, conversations, and footage) are open for downloading by creating a socket to command port 7777, and then downloading video via port 7778 and audio via port 7779.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8419
Published : Aug. 6, 2025, 5:15 p.m. | 4 hours, 11 minutes ago
Description : A vulnerability was found in Keycloak-services. Special characters used during e-mail registration may perform SMTP Injection and unexpectedly send short unwanted e-mails. The email is limited to 64 characters (limited local part of the email), so the attack is limited to very shorts emails (subject and little data, the example is 60 chars). This flaw's only direct consequence is an unsolicited email being sent from the Keycloak server. However, this action could be a precursor for more sophisticated attacks.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8665 - Agno-agi Agno Os Command Injection Vulnerability
CVE ID : CVE-2025-8665
Published : Aug. 6, 2025, 5:15 p.m. | 4 hours, 11 minutes ago
Description : A vulnerability, which was classified as critical, has been found in agno-agi agno up to 1.7.5. This issue affects the function MCPTools/MultiMCPTools in the library libs/agno/agno/tools/mcp.py of the component Model Context Protocol Handler. The manipulation of the argument command leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-8244
Published : Aug. 6, 2025, 4:15 p.m. | 5 hours, 11 minutes ago
Description : The filepath.Walk and filepath.WalkDir functions are documented as not following symbolic links, but both functions are susceptible to a TOCTOU (time of check/time of use) race condition where a portion of the path being walked is replaced with a symbolic link while the walk is in progress.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48393
Published : Aug. 6, 2025, 4:15 p.m. | 5 hours, 11 minutes ago
Description : The server identity check mechanism for firmware upgrade performed via command shell is insecurely implemented potentially allowing an attacker to perform a Man-in-the-middle attack. This security issue has been fixed in the latest version which is available on the Eaton download center.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48394
Published : Aug. 6, 2025, 4:15 p.m. | 5 hours, 11 minutes ago
Description : An attacker with authenticated and privileged access could modify the contents of a non-sensitive file by traversing the path in the limited shell of the CLI. This security issue has been fixed in the latest version which is available on the Eaton download center.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51531
Published : Aug. 6, 2025, 4:15 p.m. | 5 hours, 11 minutes ago
Description : A reflected cross-site scripting (XSS) vulnerability in Sage DPW v2024.12.003 allows attackers to execute arbitrary JavaScript in the context of a victim's browser via injcting a crafted payload into the tabfields parameter at /dpw/scripts/cgiip.exe/WService. This is fixed in Halbjahresversion 2024_12_004.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51532 - Sage DPW Unauthenticated Access Control Bypass Vulnerability
CVE ID : CVE-2025-51532
Published : Aug. 6, 2025, 4:15 p.m. | 5 hours, 11 minutes ago
Description : Incorrect access control in Sage DPW v2024.12.003 allows unauthorized attackers to access the built-in Database Monitor via a crafted request. This is fixed in Halbjahresversion 2024_12_004.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53786 - Microsoft Exchange Server Hybrid Deployment Authentication Bypass Vulnerability
CVE ID : CVE-2025-53786
Published : Aug. 6, 2025, 4:15 p.m. | 5 hours, 11 minutes ago
Description : On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments and accompanying non-security Hot Fix. Microsoft made these changes in the general interest of improving the security of hybrid Exchange deployments. Following further investigation, Microsoft identified specific security implications tied to the guidance and configuration steps outlined in the April announcement. Microsoft is issuing CVE-2025-53786 to document a vulnerability that is addressed by taking the steps documented with the April 18th announcement. Microsoft strongly recommends reading the information, installing the April 2025 (or later) Hot Fix and implementing the changes in your Exchange Server and hybrid environment.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50234
Published : Aug. 6, 2025, 3:15 p.m. | 6 hours, 11 minutes ago
Description : MCCMS v2.7.0 has an SSRF vulnerability located in the index() method of the sys\apps\controllers\api\Gf.php file, where the pic parameter is processed. The pic parameter is decrypted using the sys_auth($pic, 1) function, which utilizes a hard-coded key Mc_Encryption_Key (bD2voYwPpNuJ7B8), defined in the db.php file. The decrypted URL is passed to the geturl() method, which uses cURL to make a request to the URL without proper security checks. An attacker can craft a malicious encrypted pic parameter, which, when decrypted, points to internal addresses or local file paths (such as http://127.0.0.1 or file://). By using the file:// protocol, the attacker can access arbitrary files on the local file system (e.g., file:///etc/passwd, file:///C:/Windows/System32/drivers/etc/hosts), allowing them to read sensitive configuration files, log files, and more, leading to information leakage or system exposure. The danger of this SSRF vulnerability includes accessing internal services and local file systems through protocols like http://, ftp://, and file://, which can result in sensitive data leakage, remote code execution, privilege escalation, or full system compromise, severely affecting the system's security and stability.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50286
Published : Aug. 6, 2025, 3:15 p.m. | 6 hours, 11 minutes ago
Description : A Remote Code Execution (RCE) vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plugin via the /admin/tools/direct-install interface. Once uploaded, the plugin is automatically extracted and loaded, allowing arbitrary PHP code execution and reverse shell access.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51040 - Electrolink FM/DAB/TV Transmitter Web Unauthorized Access
CVE ID : CVE-2025-51040
Published : Aug. 6, 2025, 3:15 p.m. | 6 hours, 11 minutes ago
Description : Electrolink FM/DAB/TV Transmitter Web Management System Unauthorized access vulnerability via the /FrameSetCore.html endpoint in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01.09, v01.08, v01.07, and Display v1.4, v1.2.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51306
Published : Aug. 6, 2025, 3:15 p.m. | 6 hours, 11 minutes ago
Description : In Gatling Enterprise versions below 1.25.0, a user logging-out can still use his session token to continue using the application without expiration, due to incorrect session management.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51308 - Gatling Enterprise Information Disclosure Vulnerability
CVE ID : CVE-2025-51308
Published : Aug. 6, 2025, 3:15 p.m. | 6 hours, 11 minutes ago
Description : In Gatling Enterprise versions below 1.25.0, a low-privileged user that does not hold the role "admin" could perform a REST API call on read-only endpoints, allowing him to collect some information, due to missing authorization checks.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-52885 - Fortinet Mobile Access Portal Directory Traversal Vulnerability
CVE ID : CVE-2024-52885
Published : Aug. 6, 2025, 3:15 p.m. | 4 hours, 8 minutes ago
Description : The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an authenticated, malicious end-user (authorized to at least one File Share application) to list the file names of 'nobody'-accessible directories on the Mobile Access gateway.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-2028 - Apache Log4j Country Flag IP Information Disclosure
CVE ID : CVE-2025-2028
Published : Aug. 6, 2025, 3:15 p.m. | 4 hours, 8 minutes ago
Description : Lack of TLS validation when downloading a CSV file including mapping from IPs to countries used ONLY for displaying country flags in logs
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36020 - IBM Guardium Data Protection Cleartext Credential Disclosure
CVE ID : CVE-2025-36020
Published : Aug. 6, 2025, 3:15 p.m. | 4 hours, 8 minutes ago
Description : IBM Guardium Data Protection could allow a remote attacker to obtain sensitive information due to cleartext transmission of sensitive credential information.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50233
Published : Aug. 6, 2025, 3:15 p.m. | 4 hours, 8 minutes ago
Description : A vulnerability in QCMS version 6.0.5 allows authenticated users to read arbitrary files from the server due to insufficient validation of the "Name" parameter in the backend template editor. By manipulating the parameter, attackers can perform directory traversal and access sensitive files outside the intended template directory, potentially exposing system configuration, PHP source code, or other sensitive information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3320 - IBM Tivoli Monitoring Heap-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-3320
Published : Aug. 6, 2025, 2:15 p.m. | 5 hours, 8 minutes ago
Description : IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-3354 - IBM Tivoli Monitoring Heap-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-3354
Published : Aug. 6, 2025, 2:15 p.m. | 5 hours, 8 minutes ago
Description : IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8616
Published : Aug. 6, 2025, 2:15 p.m. | 5 hours, 8 minutes ago
Description : A weakness identified in OpenText Advanced Authentication where a Malicious browser plugin can record and replay the user authentication process to bypass Authentication. This issue affects Advanced Authentication on or before 6.5.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23325 - NVIDIA Triton Inference Server Recursion Denial of Service
CVE ID : CVE-2025-23325
Published : Aug. 6, 2025, 1:15 p.m. | 4 hours, 10 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23326 - NVIDIA Triton Inference Server Integer Overflow Denial of Service
CVE ID : CVE-2025-23326
Published : Aug. 6, 2025, 1:15 p.m. | 4 hours, 10 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23327 - NVIDIA Triton Inference Server Integer Overflow Vulnerability
CVE ID : CVE-2025-23327
Published : Aug. 6, 2025, 1:15 p.m. | 4 hours, 10 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through specially crafted inputs. A successful exploit of this vulnerability might lead to denial of service and data tampering.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23331 - NVIDIA Triton Inference Server Denial of Service (DoS)
CVE ID : CVE-2025-23331
Published : Aug. 6, 2025, 1:15 p.m. | 4 hours, 10 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a memory allocation with excessive size value, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23333 - NVIDIA Triton Inference Server Out-of-Bounds Read Vulnerability
CVE ID : CVE-2025-23333
Published : Aug. 6, 2025, 1:15 p.m. | 4 hours, 10 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by manipulating shared memory data. A successful exploit of this vulnerability might lead to information disclosure.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23334 - NVIDIA Triton Inference Server Out-of-Bounds Read Vulnerability
CVE ID : CVE-2025-23334
Published : Aug. 6, 2025, 1:15 p.m. | 4 hours, 10 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by sending a request. A successful exploit of this vulnerability might lead to information disclosure.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23335 - NVIDIA Triton Inference Server Denial of Service Underflow
CVE ID : CVE-2025-23335
Published : Aug. 6, 2025, 1:15 p.m. | 4 hours, 10 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux and the Tensor RT backend contain a vulnerability where an attacker could cause an underflow by a specific model configuration and a specific input. A successful exploit of this vulnerability might lead to denial of service.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23310 - NVIDIA Triton Inference Server Stack Buffer Overflow Vulnerability
CVE ID : CVE-2025-23310
Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause stack buffer overflow by specially crafted inputs. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, and data tampering.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23311
Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago
Description : NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a stack overflow through specially crafted HTTP requests. A successful exploit of this vulnerability might lead to remote code execution, denial of service, information disclosure, or data tampering.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23317 - NVIDIA Triton Inference Server HTTP Server Remote Code Execution Vulnerability
CVE ID : CVE-2025-23317
Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago
Description : NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23318 - NVIDIA Triton Inference Server Python Backend Out-of-Bounds Write
CVE ID : CVE-2025-23318
Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, data tampering, and information disclosure.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23319
Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds write by sending a request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information disclosure.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23320 - NVIDIA Triton Inference Server Memory Information Disclosure
CVE ID : CVE-2025-23320
Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause the shared memory limit to be exceeded by sending a very large request. A successful exploit of this vulnerability might lead to information disclosure.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23321 - NVIDIA Triton Inference Server Divide by Zero Denial of Service
CVE ID : CVE-2025-23321
Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a divide by zero issue by issuing an invalid request. A successful exploit of this vulnerability might lead to denial of service.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23322 - NVIDIA Triton Inference Server Double Free Denial of Service Vulnerability
CVE ID : CVE-2025-23322
Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where multiple requests could cause a double free when a stream is cancelled before it is processed. A successful exploit of this vulnerability might lead to denial of service.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23323 - NVIDIA Triton Inference Server Integer Overflow Denial of Service
CVE ID : CVE-2025-23323
Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23324 - NVIDIA Triton Inference Server Integer Overflow Denial of Service
CVE ID : CVE-2025-23324
Published : Aug. 6, 2025, 1:15 p.m. | 1 hour, 58 minutes ago
Description : NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5197 - Hugging Face Transformers ReDoS Vulnerability
CVE ID : CVE-2025-5197
Published : Aug. 6, 2025, 12:15 p.m. | 2 hours, 58 minutes ago
Description : A Regular Expression Denial of Service (ReDoS) vulnerability exists in the Hugging Face Transformers library, specifically in the `convert_tf_weight_name_to_pt_weight_name()` function. This function, responsible for converting TensorFlow weight names to PyTorch format, uses a regex pattern `/[^/]*___([^/]*)/` that can be exploited to cause excessive CPU consumption through crafted input strings due to catastrophic backtracking. The vulnerability affects versions up to 4.51.3 and is fixed in version 4.53.0. This issue can lead to service disruption, resource exhaustion, and potential API service vulnerabilities, impacting model conversion processes between TensorFlow and PyTorch formats.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46388 - Apache HTTP Server Information Disclosure
CVE ID : CVE-2025-46388
Published : Aug. 6, 2025, 11:15 a.m. | 3 hours, 58 minutes ago
Description : CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46389 - Microsoft Azure Active Directory Password Change
CVE ID : CVE-2025-46389
Published : Aug. 6, 2025, 11:15 a.m. | 3 hours, 58 minutes ago
Description : CWE-620: Unverified Password Change
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46390 - Apache Web Server HTTP Response Manipulation Vulnerability
CVE ID : CVE-2025-46390
Published : Aug. 6, 2025, 11:15 a.m. | 3 hours, 58 minutes ago
Description : CWE-204: Observable Response Discrepancy
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46391 - Apache HTTP Server Authentication Bypass
CVE ID : CVE-2025-46391
Published : Aug. 6, 2025, 11:15 a.m. | 3 hours, 58 minutes ago
Description : CWE-284: Improper Access Control
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46386
Published : Aug. 6, 2025, 11:15 a.m. | 1 hour, 41 minutes ago
Description : CWE-639 Authorization Bypass Through User-Controlled Key
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46387
Published : Aug. 6, 2025, 11:15 a.m. | 1 hour, 41 minutes ago
Description : CWE-639 Authorization Bypass Through User-Controlled Key
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22469 - Siemens SIMATIC S7-1200 OS Command Injection Vulnerability
CVE ID : CVE-2025-22469
Published : Aug. 6, 2025, 10:15 a.m. | 2 hours, 41 minutes ago
Description : OS command injection vulnerability exists in CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1. An arbitrary OS command may be executed on the system with a certain non-administrative user privilege.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-22470 - Siemens SIMATIC CL4/6NX Plus Lua File Execution Vulnerability
CVE ID : CVE-2025-22470
Published : Aug. 6, 2025, 10:15 a.m. | 2 hours, 41 minutes ago
Description : CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1 allow crafted dangerous files to be uploaded. An arbitrary Lua script may be executed on the system with the root privilege.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6013
Published : Aug. 6, 2025, 10:15 a.m. | 2 hours, 41 minutes ago
Description : Vault and Vault Enterprise’s (“Vault”) ldap auth method may not have correctly enforced MFA if username_as_alias was set to true and a user had multiple CNs that are equal but with leading or trailing spaces. Fixed in Vault Community Edition 1.20.2 and Vault Enterprise 1.20.2, 1.19.8, 1.18.13, and 1.16.24.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7771
Published : Aug. 6, 2025, 10:15 a.m. | 2 hours, 41 minutes ago
Description : ThrottleStop.sys, a legitimate driver, exposes two IOCTL interfaces that allow arbitrary read and write access to physical memory via the MmMapIoSpace function. This insecure implementation can be exploited by a malicious user-mode application to patch the running Windows kernel and invoke arbitrary kernel functions with ring-0 privileges. The vulnerability enables local attackers to execute arbitrary code in kernel context, resulting in privilege escalation and potential follow-on attacks, such as disabling security software or bypassing kernel-level protections. ThrottleStop.sys version 3.0.0.0 and possibly others are affected. Apply updates per vendor instructions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8620 - GiveWP Information Exposure Vulnerability
CVE ID : CVE-2025-8620
Published : Aug. 6, 2025, 10:15 a.m. | 2 hours, 41 minutes ago
Description : The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.6.0. This makes it possible for unauthenticated attackers to extract donor names, emails, and donor id.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7202
Published : Aug. 6, 2025, 9:15 a.m. | 3 hours, 41 minutes ago
Description : A Cross-Site Request Forgery (CSRF) in Elgato's Key Lights and related light products allows an attacker to host a malicious webpage that remotely controlles the victim's lights.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8556
Published : Aug. 6, 2025, 9:15 a.m. | 3 hours, 41 minutes ago
Description : A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27066 - "Qualcomm Wi-Fi ANQP Message Processing Denial of Service"
CVE ID : CVE-2025-27066
Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago
Description : Transient DOS while processing an ANQP message.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27067
Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago
Description : Memory corruption while processing DDI call with invalid buffer.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27068
Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago
Description : Memory corruption while processing an IOCTL command with an arbitrary address.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27069
Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago
Description : Memory corruption while processing DDI command calls.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27071 - Powerline Communication Firmware Buffer Overflow
CVE ID : CVE-2025-27071
Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago
Description : Memory corruption while processing specific files in Powerline Communication Firmware.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27072 - Cisco EAVB Header Length Information Disclosure Vulnerability
CVE ID : CVE-2025-27072
Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago
Description : Information disclosure while processing a packet at EAVB BE side with invalid header length.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27073 - Cisco Nexus Series: Denial of Service Vulnerability
CVE ID : CVE-2025-27073
Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago
Description : Transient DOS while creating NDP instance.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27075 - Qualcomm Bluetooth Host Memory Corruption Vulnerability
CVE ID : CVE-2025-27075
Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago
Description : Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27076
Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago
Description : Memory corruption while processing simultaneous requests via escape path.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-47324 - D-Link Powerline Information Disclosure Vulnerability
CVE ID : CVE-2025-47324
Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago
Description : Information disclosure while accessing and modifying the PIB file of a remote device via powerline.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7954 - Shopware Voucher System Race Condition
CVE ID : CVE-2025-7954
Published : Aug. 6, 2025, 8:15 a.m. | 4 hours, 41 minutes ago
Description : A race condition vulnerability has been identified in Shopware's voucher system of Shopware v6.6.10.4 that allows attackers to bypass intended voucher restrictions and exceed usage limitations.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21465 - Cisco Networking Equipment Information Disclosure
CVE ID : CVE-2025-21465
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 35 minutes ago
Description : Information disclosure while processing the hash segment in an MBN file.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21472 - Citrix eSE Debug Information Disclosure Vulnerability
CVE ID : CVE-2025-21472
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 35 minutes ago
Description : Information disclosure while capturing logs as eSE debug messages are logged.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21473 - Cisco Camera Data Mover (CDM) Register Write Memory Corruption Vulnerability
CVE ID : CVE-2025-21473
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 35 minutes ago
Description : Memory corruption when using Virtual cdm (Camera Data Mover) to write registers.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21474
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 35 minutes ago
Description : Memory corruption while processing commands from A2dp sink command queue.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21477 - Oracle NetWare CCCH Data Handling Denial of Service Vulnerability
CVE ID : CVE-2025-21477
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 35 minutes ago
Description : Transient DOS while processing CCCH data when NW sends data with invalid length.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27062
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 35 minutes ago
Description : Memory corruption while handling client exceptions, allowing unauthorized channel access.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-27065 - Cisco Security Appliance Denial of Service
CVE ID : CVE-2025-27065
Published : Aug. 6, 2025, 8:15 a.m. | 2 hours, 35 minutes ago
Description : Transient DOS while processing a frame with malformed shared-key descriptor.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21452 - Nokia LTE Network Transient Denial of Service
CVE ID : CVE-2025-21452
Published : Aug. 6, 2025, 8:15 a.m. | 58 minutes ago
Description : Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21455 - Apache HTTP Server Kernel Memory Corruption Vulnerability
CVE ID : CVE-2025-21455
Published : Aug. 6, 2025, 8:15 a.m. | 58 minutes ago
Description : Memory corruption while submitting blob data to kernel space though IOCTL.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21456 - Microsoft Windows Kernel IOCTL Buffer Overflow
CVE ID : CVE-2025-21456
Published : Aug. 6, 2025, 8:15 a.m. | 58 minutes ago
Description : Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21457 - Apache Fasta RPC Information Disclosure Vulnerability
CVE ID : CVE-2025-21457
Published : Aug. 6, 2025, 8:15 a.m. | 58 minutes ago
Description : Information disclosure while opening a fastrpc session when domain is not sanitized.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21458
Published : Aug. 6, 2025, 8:15 a.m. | 58 minutes ago
Description : Memory corruption when IOCTL interface is called to map and unmap buffers simultaneously.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21461
Published : Aug. 6, 2025, 8:15 a.m. | 58 minutes ago
Description : Memory corruption when programming registers through virtual CDM.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21464 - Apache ImageMagick Out-of-Bounds Read Information Disclosure
CVE ID : CVE-2025-21464
Published : Aug. 6, 2025, 8:15 a.m. | 58 minutes ago
Description : Information disclosure while reading data from an image using specified offset and size parameters.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20990 - Western Digital External Hard Drive Device Node Access Control Vulnerability
CVE ID : CVE-2025-20990
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Improper access control in accessing system device node prior to SMR Aug-2025 Release 1 allows local attackers to access device identifier.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21010
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Improper privilege management in SamsungAccount prior to SMR Aug-2025 Release 1 allows local privileged attackers to deactivate Samsung account.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21011 - Samsung Galaxy Watch Unauthenticated Sensor Data Exposure
CVE ID : CVE-2025-21011
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Improper access control in SemSensorService for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to motion and body sensors.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21012 - Samsung Galaxy Watch Fall Detection Access Control Vulnerability
CVE ID : CVE-2025-21012
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Improper access control in fall detection for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to modify fall detection configuration.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21013 - Samsung Galaxy Watch SemSensorManager Access Control Bypass
CVE ID : CVE-2025-21013
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Improper access control in SemSensorManager for Galaxy Watch prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information related to outdoor exercise and sleep time.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21014 - Android Emergency SoS Component Export Vulnerability
CVE ID : CVE-2025-21014
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Improper export of android application component in Emergency SoS prior to SMR Aug-2025 Release 1 allows local attackers to access sensitive information.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21015
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Path Traversal in Document scanner prior to SMR Aug-2025 Release 1 allows local attackers to delete file with Document scanner's privilege.
Severity: 4.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21016 - PkgPredictorService Android Improper Access Control Vulnerability
CVE ID : CVE-2025-21016
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Improper access control in PkgPredictorService prior to SMR Aug-2025 Release 1 in Chinese Android 13, 14, 15 and 16 allows local attackers to use the privileged APIs.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21017
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Out-of-bounds write in detaching crypto box in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21018
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21019 - Samsung Health Authorization Bypass Vulnerability
CVE ID : CVE-2025-21019
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Improper authorization in Samsung Health prior to version 6.30.1.003 allows local attackers to access data in Samsung Health. User interaction is required for triggering this vulnerability.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21020
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Out-of-bounds write in creating bitmap images in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21021
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to write out-of-bounds memory.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21022 - Galaxy Wearable Information Disclosure Vulnerability
CVE ID : CVE-2025-21022
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Improper access control in Galaxy Wearable prior to version 2.2.63.25042861 allows local attackers to access sensitive information.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21023 - Samsung Galaxy Watch Local File Access Vulnerability
CVE ID : CVE-2025-21023
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Improper access control in WcsExtension for Galaxy Watch prior to Android Watch 16 allows local attackers to access sensitive information.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-21024 - Android Smart View Implicit Intent Information Disclosure Vulnerability
CVE ID : CVE-2025-21024
Published : Aug. 6, 2025, 5:15 a.m. | 2 hours, 10 minutes ago
Description : Use of Implicit Intent for Sensitive Communication in Smart View prior to Android 16 allows local attackers to access sensitive information.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55023
Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55024 - Apache HTTP Server Authentication Bypass
CVE ID : CVE-2025-55024
Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55025 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-55025
Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55026 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-55026
Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55027 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-55027
Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6994
Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago
Description : The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.3. This is due to the plugin allowing users who are registering new accounts to set their own role or by supplying 'listing_user_role' field. This makes it possible for unauthenticated attackers to gain elevated privileges by creating an account with the administrator role.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7399 - "Elementor Stored Cross-Site Scripting in Betheme Theme for WordPress"
CVE ID : CVE-2025-7399
Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago
Description : The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via an Elementor display setting in all versions up to, and including, 28.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7498
Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago
Description : The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget in all versions up to, and including, 2.7.9.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8100 - Elementor Addons and Templates Stored Cross-Site Scripting
CVE ID : CVE-2025-8100
Published : Aug. 6, 2025, 4:16 a.m. | 3 hours, 9 minutes ago
Description : The Element Pack Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'marker_content' parameter in versions up to, and including, 8.1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54640
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : ParcelMismatch vulnerability in attribute deserialization.
Impact: Successful exploitation of this vulnerability may cause playback control screen display exceptions.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54641
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Issue of buffer overflow caused by insufficient data verification in the kernel acceleration module.
Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54642
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Issue of buffer overflow caused by insufficient data verification in the kernel gyroscope module.
Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54643 - Apache Ambient Light Module Array Out-of-Bounds Information Disclosure
CVE ID : CVE-2025-54643
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54644
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54645 - Apache Location Service Array Index Out-of-Bounds Vulnerability
CVE ID : CVE-2025-54645
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Out-of-bounds array access issue due to insufficient data verification in the location service module.
Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54646 - Qualcomm BLE Packet Length Overflow Vulnerability
CVE ID : CVE-2025-54646
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Vulnerability of inadequate packet length check in the BLE module.
Impact: Successful exploitation of this vulnerability may affect performance.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54647
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Out-of-bounds read vulnerability in the SSAP module of the NearLink protocol stack.
Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54648
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Out-of-bounds read vulnerability in the SSAP module of the NearLink protocol stack.
Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54649 - Google Location Service Type Confusion Vulnerability
CVE ID : CVE-2025-54649
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Vulnerability of using incompatible types to access resources in the location service.
Impact: Successful exploitation of this vulnerability may cause some location information attributes to be incorrect.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54650 - Cisco Audio Codec Array Index Vulnerability
CVE ID : CVE-2025-54650
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Improper array index verification vulnerability in the audio codec module.
Impact: Successful exploitation of this vulnerability may affect the audio decoding function.
Severity: 4.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54651
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Race condition vulnerability in the kernel hufs module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 4.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55019 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-55019
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-55020
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55021 - Apache HTTP Server Denial of Service
CVE ID : CVE-2025-55021
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55022 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-55022
Published : Aug. 6, 2025, 4:16 a.m. | 56 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8632
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26255.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8633
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26256.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8634
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26257.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8635
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26258.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8636
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26259.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8637
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26260.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8638
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26261.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8639
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26262.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8640
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26263.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8641
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26264.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8642
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26265.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8643
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26266.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8644
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26267.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8645
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26268.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8646
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26269.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8647
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26270.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8648
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26271.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8649
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the JKWifiService. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26305.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8650
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR libSystemLib Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26306.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8651
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the JKWifiService. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26307.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8652
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR JKWifiService Command Injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the JKWifiService. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26311.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8653
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the JKRadioService. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26312.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8654
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR ReadMVGImage Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the ReadMVGImage function. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26313.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8655
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR libSystemLib Command injection Remote Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firmware update process. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26314.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8656
Published : Aug. 6, 2025, 2:15 a.m. | 56 minutes ago
Description : Kenwood DMX958XR Protection Mechanism Failure Software Downgrade Vulnerability. This vulnerability allows physically present attackers to downgrade software on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the libSystemLib library. The issue results from the lack of proper validation of version information before performing an update. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-26355.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-32430
Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago
Description : XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 4.2-milestone-3 through 16.4.7, 16.5.0-rc-1 through 16.10.5 and 17.0.0-rc-1 through 17.2.2, two templates contain reflected XSS vulnerabilities, allowing an attacker to execute malicious JavaScript code in the context of the victim's session by getting the victim to visit an attacker-controlled URL. This permits the attacker to perform arbitrary actions using the permissions of the victim. This issue is fixed in versions 16.4.8, 16.10.6 and 17.3.0-rc-1. To workaround the issue, manually patch the WAR with the same changes as the original patch.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54124
Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago
Description : XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki Platform Old Core versions 9.8-rc-1 through 16.4.6, 16.5.0-rc-1 through 16.10.4, and 17.0.0-rc-1 through 17.1.0, any user with editing rights can create an XClass with a database list property that references a password property. When adding an object of that XClass, the content of that password property is displayed. In practice, with a standard rights setup, this means that any user with an account on the wiki can access password hashes of all users, and possibly other password properties (with hashed or plain storage) that are on pages that the user can view. This issue is fixed in versions 16.4.7, 16.10.5 and 17.2.0-rc-1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54125 - XWiki Platform XML Export Information Disclosure Vulnerability
CVE ID : CVE-2025-54125
Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago
Description : XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform Legacy Old Core and XWiki Platform Old Core versions 1.1 through 16.4.6, 16.5.0-rc-1 through 16.10.4 and 17.0.0-rc-1 through 17.1.0, the XML export of a page in XWiki that can be triggered by any user with view rights on a page by appending ?xpage=xml to the URL includes password and email properties stored on a document that aren't named password or email. This is fixed in versions 16.4.7, 16.10.5 and 17.2.0-rc-1. To work around this issue, the file templates/xml.vm in the deployed WAR can be deleted if the XML isn't needed. There isn't any feature in XWiki itself that depends on the XML export.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54571
Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago
Description : ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. In versions 2.9.11
and below, an attacker can override the HTTP response’s Content-Type, which could lead to several issues depending on the HTTP scenario. For example, we have demonstrated the potential for XSS and arbitrary script source code disclosure in the latest version of mod_security2. This issue is fixed in version 2.9.12.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54594
Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago
Description : react-native-bottom-tabs is a library of Native Bottom Tabs for React Native. In versions 0.9.2 and below, the github/workflows/release-canary.yml GitHub Actions repository workflow improperly used the pull_request_target event trigger, which allowed for untrusted code from a forked pull request to be executed in a privileged context. An attacker could create a pull request containing a malicious preinstall script in the package.json file and then trigger the vulnerable workflow by posting a specific comment (!canary). This allowed for arbitrary code execution, leading to the exfiltration of sensitive secrets such as GITHUB_TOKEN and NPM_TOKEN, and could have allowed an attacker to push malicious code to the repository or publish compromised packages to the NPM registry. There is a remediation commit which removes github/workflows/release-canary.yml, but a version with this fix has yet to be released.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54801 - Fiber Ctx.BodyParser Slice Index Overflow/Exhaustion Vulnerability
CVE ID : CVE-2025-54801
Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago
Description : Fiber is an Express inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index (e.g., test.18446744073704), the application crashes due to an out-of-bounds slice allocation in the underlying schema decoder. The root cause is that the decoder attempts to allocate a slice of length idx + 1 without validating whether the index is within a safe or reasonable range. If the idx is excessively large, this leads to an integer overflow or memory exhaustion, causing a panic or crash. This is fixed in version 2.52.9.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54869
Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago
Description : FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. In versions 2.6.2 and below, any application that uses FPDI to process user-supplied PDF files is at risk, causing a Denial of Service (DoS) vulnerability. An attacker can upload a small, malicious PDF file that will cause the server-side script to crash due to memory exhaustion. Repeated attacks can lead to sustained service unavailability. This issue is fixed in version 2.6.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54872 - "Onion-Site-Template Tor Image Exposure Vulnerability"
CVE ID : CVE-2025-54872
Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago
Description : onion-site-template is a complete, scalable tor hidden service self-hosting sample. Versions which include commit 3196bd89 contain a baked-in tor image if the secrets were copied from an existing onion domain. A website could be compromised if a user shared the baked-in image, or if someone were able to acquire access to the user's device outside of a containerized environment. This is fixed by commit bc9ba0fd.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54873 - RISC Zero RISC-V Arithmetic Overflow/Underflow
CVE ID : CVE-2025-54873
Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago
Description : RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. RISC packages risc0-zkvm versions 2.0.0 through 2.1.0 and risc0-circuit-rv32im and risc0-circuit-rv32im-sys versions 2.0.0 through 2.0.4 contain vulnerabilities where signed integer division allows multiple outputs for certain inputs with only one being valid, and division by zero results are underconstrained. This issue is fixed in risc0-zkvm version 2.2.0 and version 3.0.0 for the risc0-circuit-rv32im and risc0-circuit-rv32im-sys packages.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54876
Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago
Description : The Janssen Project is an open-source identity and access management (IAM) platform. In versions 1.9.0 and below, Janssen stores passwords in plaintext in the local cli_cmd.log file. This is fixed in the nightly prerelease.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54879
Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago
Description : Mastodon is a free, open-source social network server based on ActivityPub Mastodon which facilitates LDAP configuration for authentication. In versions 3.1.5 through 4.2.24, 4.3.0 through 4.3.11 and 4.4.0 through 4.4.3, Mastodon's rate-limiting system has a critical configuration error where the email-based throttle for confirmation emails incorrectly checks the password reset path instead of the confirmation path, effectively disabling per-email limits for confirmation requests. This allows attackers to bypass rate limits by rotating IP addresses and send unlimited confirmation emails to any email address, as only a weak IP-based throttle (25 requests per 5 minutes) remains active. The vulnerability enables denial-of-service attacks that can overwhelm mail queues and facilitate user harassment through confirmation email spam. This is fixed in versions 4.2.24, 4.3.11 and 4.4.3.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54883
Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago
Description : Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the getSecureRandomInt function in security-kit versions prior to 3.5.0 (packaged in Vision-ui <= 1.4.0) contains a critical cryptographic weakness. Due to a silent 32-bit integer overflow in its internal masking logic, the function fails to produce a uniform distribution of random numbers when the requested range between min and max is larger than 2³². The root cause is the use of a 32-bit bitwise left-shift operation (<<) to generate a bitmask for the rejection sampling algorithm. This causes the mask to be incorrect for any range requiring 32 or more bits of entropy. This issue is fixed in version 1.5.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54884 - Vision UI Denial of Service Vulnerability
CVE ID : CVE-2025-54884
Published : Aug. 6, 2025, 12:15 a.m. | 57 minutes ago
Description : Vision UI is a collection of enterprise-grade, dependency-free modules for modern web projects. In versions 1.4.0 and below, the generateSecureId and getSecureRandomInt functions in security-kit versions prior to 3.5.0 (packaged in Vision UI 1.4.0 and below) are vulnerable to Denial of Service (DoS) attacks. The generateSecureId(length) function directly used the length parameter to size a Uint8Array buffer, allowing attackers to exhaust server memory through repeated requests for large IDs since the previous 1024 limit was insufficient. The getSecureRandomInt(min, max) function calculated buffer size based on the range between min and max, where large ranges caused excessive memory allocation and CPU-intensive rejection-sampling loops that could hang the thread. This issue is fixed in version 1.5.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8571
Published : Aug. 5, 2025, 11:15 p.m. | 1 hour, 56 minutes ago
Description : Concrete CMS 9 to 9.4.2 and versions below 8.5.21 are vulnerable to Reflected Cross-Site Scripting (XSS) in the Conversation Messages Dashboard Page. Unsanitized input could cause theft of session cookies or tokens, defacement of web content, redirection to malicious sites, and (if victim is an admin), the execution of unauthorized actions. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 4.8 with vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks Fortbridge https://fortbridge.co.uk/ for performing a penetration test and vulnerability assessment on Concrete CMS and reporting this issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8573 - Concrete CMS Stored XSS on Members Dashboard
CVE ID : CVE-2025-8573
Published : Aug. 5, 2025, 11:15 p.m. | 1 hour, 56 minutes ago
Description : Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS from Home Folder on Members Dashboard page. Version 8 was not affected. A rogue admin could set up a malicious folder containing XSS to which users could be directed upon login. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.0 with vector CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N. Thanks sealldev for reporting via HackerOne.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52237
Published : Aug. 5, 2025, 9:15 p.m. | 3 hours, 56 minutes ago
Description : An issue in the component /stl/actions/download?filePath of SSCMS v7.3.1 allows attackers to execute a directory traversal.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53534 - RatPanel Remote Code Execution and Unauthorized Access Vulnerability
CVE ID : CVE-2025-53534
Published : Aug. 5, 2025, 9:15 p.m. | 3 hours, 56 minutes ago
Description : RatPanel is a server operation and maintenance management panel. In versions 2.3.19 through 2.5.5, when an attacker obtains the backend login path of RatPanel (including but not limited to weak default paths, brute-force cracking, etc.), they can execute system commands or take over hosts managed by the panel without logging in. In addition to this remote code execution (RCE) vulnerability, the flawed code also leads to unauthorized access. RatPanel uses the CleanPath middleware provided by github.com/go-chi/chi package to clean URLs, but but the middleware does not process r.URL.Path, which can cause the paths to be misinterpreted. This is fixed in version 2.5.6.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10067
Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 57 minutes ago
Description : Glossword versions 1.8.8 through 1.8.12 contain an authenticated arbitrary file upload vulnerability. When deployed as a standalone application, the administrative interface (gw_admin.php) allows users with administrator privileges to upload files to the gw_temp/a/ directory. Due to insufficient validation of file type and path, attackers can upload and execute PHP payloads, resulting in remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10068
Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 57 minutes ago
Description : Foxit Reader Plugin version 2.2.1.530, bundled with Foxit Reader 5.4.4.11281, contains a stack-based buffer overflow vulnerability in the npFoxitReaderPlugin.dll module. When a PDF file is loaded from a remote host, an overly long query string in the URL can overflow a buffer, allowing remote attackers to execute arbitrary code.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10069 - D-Link Router OS Command Injection Vulnerability
CVE ID : CVE-2013-10069
Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 57 minutes ago
Description : The web interface of multiple D-Link routers, including DIR-600 rev B (≤2.14b01) and DIR-300 rev B (≤2.13), contains an unauthenticated OS command injection vulnerability in command.php, which improperly handles the cmd POST parameter. A remote attacker can exploit this flaw without authentication to spawn a Telnet service on a specified port, enabling persistent interactive shell access as root.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10070
Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 57 minutes ago
Description : PHP-Charts v1.0 contains a PHP code execution vulnerability in wizard/url.php, where user-supplied GET parameter names are passed directly to eval() without sanitization. A remote attacker can exploit this flaw by crafting a request that injects arbitrary PHP code, resulting in command execution under the web server's context. The vulnerability allows unauthenticated attackers to execute system-level commands via base64-encoded payloads embedded in parameter names, leading to full compromise of the host system.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2014-125113
Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 57 minutes ago
Description : An unrestricted file upload vulnerability exists in Dell (acquired by Quest) KACE K1000 System Management Appliance version 5.0 - 5.3, 5.4 prior to 5.4.76849, and 5.5 prior to 5.5.90547 in the download_agent.php endpoint. An attacker can upload arbitrary PHP files to a temporary web-accessible directory, which are later executed through inclusion in backend code that loads files under attacker-controlled paths.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50592 - Seacms Cross Site Scripting Vulnerability
CVE ID : CVE-2025-50592
Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 57 minutes ago
Description : Cross site scripting vulnerability in seacms before 13.2 via the vid parameter to Upload/js/player/dmplayer/player.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51541
Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 56 minutes ago
Description : A stored cross-site scripting (XSS) vulnerability exists in the Shopware 6 installation interface at /recovery/install/database-configuration/. The c_database_schema field fails to properly sanitize user-supplied input before rendering it in the browser, allowing an attacker to inject malicious JavaScript. This vulnerability can be exploited via a Cross-Site Request Forgery (CSRF) attack due to the absence of CSRF protections on the POST request. An unauthenticated remote attacker can craft a malicious web page that, when visited by a victim, stores the payload persistently in the installation configuration. As a result, the payload executes whenever any user subsequently accesses the vulnerable installation page, leading to persistent client-side code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52078
Published : Aug. 5, 2025, 8:15 p.m. | 4 hours, 56 minutes ago
Description : File upload vulnerability in Writebot AI Content Generator SaaS React Template thru 4.0.0, allowing remote attackers to gain escalated privileges via a crafted POST request to the /file-upload endpoint.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10024 - XBMC HTTP Server Path Traversal Vulnerability
CVE ID : CVE-2012-10024
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : XBMC version 11, including builds up to the 2012-11-04 nightly release, contains a path traversal vulnerability in its embedded HTTP server. When accessed via HTTP Basic Authentication, the server fails to properly sanitize URI input, allowing authenticated users to request files outside the intended document root. An attacker can exploit this flaw to read arbitrary files from the host filesystem, including sensitive configuration or credential files.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10025
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : The WordPress plugin Advanced Custom Fields (ACF) version 3.5.1 and below contains a remote file inclusion (RFI) vulnerability in core/actions/export.php. When the PHP configuration directive allow_url_include is enabled (default: Off), an unauthenticated attacker can exploit the acf_abspath POST parameter to include and execute arbitrary remote PHP code. This leads to remote code execution under the web server’s context, allowing full compromise of the host.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10026
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : The WordPress plugin Asset-Manager version 2.0 and below contains an unauthenticated arbitrary file upload vulnerability in upload.php. The endpoint fails to properly validate and restrict uploaded file types, allowing remote attackers to upload malicious PHP scripts to a predictable temporary directory. Once uploaded, the attacker can execute the file via a direct HTTP GET request, resulting in remote code execution under the web server’s context.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10027
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : WP-Property plugin for WordPress through version 1.35.0 contains an unauthenticated file upload vulnerability in the third-party `uploadify.php` script. A remote attacker can upload arbitrary PHP files to a temporary directory without authentication, leading to remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10028
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : Netwin SurgeFTP version 23c8 and prior contains a vulnerability in its web-based administrative console that allows authenticated users to execute arbitrary system commands via crafted POST requests to `surgeftpmgr.cgi`. This can lead to full remote code execution on the underlying system.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10029 - Nagios XI Command Injection Vulnerability
CVE ID : CVE-2012-10029
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : Nagios XI Network Monitor prior to Graph Explorer component version 1.3 contains a command injection vulnerability in `visApi.php`. An authenticated user can inject system commands via unsanitized parameters such as `host`, resulting in remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10030 - FreeFloat FTP Server Remote Code Execution Vulnerability
CVE ID : CVE-2012-10030
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : FreeFloat FTP Server contains multiple critical design flaws that allow unauthenticated remote attackers to upload arbitrary files to sensitive system directories. The server accepts empty credentials, defaults user access to the root of the C:\ drive, and imposes no restrictions on file type or destination path. These conditions enable attackers to upload executable payloads and .mof files to locations such as system32 and wbem\mof, where Windows Management Instrumentation (WMI) automatically processes and executes them. This results in remote code execution with SYSTEM-level privileges, without requiring user interaction.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10031 - BlazeVideo HDTV Player Pro Stack-Based Buffer Overflow
CVE ID : CVE-2012-10031
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : BlazeVideo HDTV Player Pro v6.6.0.3 is vulnerable to a stack-based buffer overflow due to improper handling of user-supplied input embedded in .plf playlist files. When parsing a crafted .plf file, the MediaPlayerCtrl.dll component invokes PathFindFileNameA() to extract a filename from a URL-like string. The returned value is then copied to a fixed-size stack buffer using an inline strcpy call without bounds checking. If the input exceeds the buffer size, this leads to a stack overflow and potential arbitrary code execution under the context of the user.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10032
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : Maxthon3 versions prior to 3.3 are vulnerable to cross context scripting (XCS) via the about:history page. The browser’s trusted zone improperly handles injected script content, allowing attackers to execute arbitrary JavaScript in a privileged context. This flaw enables modification of browser configuration and execution of arbitrary code through Maxthon’s exposed DOM APIs, including maxthon.program.Program.launch() and maxthon.io.writeDataURL(). Exploitation requires user interaction, typically by visiting a malicious webpage that triggers the injection.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10033
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : Narcissus is vulnerable to remote code execution via improper input handling in its image configuration workflow. Specifically, the backend.php script fails to sanitize the release parameter before passing it to the configure_image() function. This function invokes PHP’s passthru() with the unsanitized input, allowing attackers to inject arbitrary system commands. Exploitation occurs via a crafted POST request, resulting in command execution under the web server’s context.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10034
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : ClanSphere 2011.3 is vulnerable to a local file inclusion (LFI) flaw due to improper handling of the cs_lang cookie parameter. The application fails to sanitize user-supplied input, allowing attackers to traverse directories and read arbitrary files outside the web root. The vulnerability is further exacerbated by null byte injection (%00) to bypass file extension checks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10035 - Turbo FTP Server Buffer Overflow Vulnerability
CVE ID : CVE-2012-10035
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : Turbo FTP Server versions 1.30.823 and 1.30.826 contain a buffer overflow vulnerability in the handling of the PORT command. By sending a specially crafted payload, an unauthenticated remote attacker can overwrite memory structures and execute arbitrary code with SYSTEM privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10064 - ActFax Server Buffer Overflow Vulnerability
CVE ID : CVE-2013-10064
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : A stack-based buffer overflow vulnerability exists in ActFax Server version 5.01. The server's RAW protocol interface fails to safely process user-supplied data in @F506 fax header fields due to insecure usage of strcpy. Remote attackers can exploit this vulnerability by sending specially crafted @F506 fields, potentially leading to arbitrary code execution. Successful exploitation requires network access to TCP port 4559 and does not require authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10065
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : A denial-of-service vulnerability exists in Sysax Multi-Server version 6.10 via its SSH daemon. A specially crafted SSH key exchange packet can trigger a crash in the service, resulting in loss of availability. The flaw is triggered during the handling of malformed key exchange data, including a non-standard byte (\x28) in place of the expected SSH protocol delimiter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10066
Published : Aug. 5, 2025, 8:15 p.m. | 2 hours, 33 minutes ago
Description : An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint (users_add.php) that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code execution by uploading a PHP payload and invoking it via a direct HTTP request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2012-10023 - FreeFloat FTP Server Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2012-10023
Published : Aug. 5, 2025, 8:15 p.m. | 34 minutes ago
Description : A stack-based buffer overflow vulnerability exists in FreeFloat FTP Server version 1.0.0. The server fails to properly validate input passed to the USER command, allowing remote attackers to overwrite memory and potentially execute arbitrary code. The flaw is triggered by sending an overly long username string, which overflows the buffer allocated for user authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-45512
Published : Aug. 5, 2025, 7:15 p.m. | 1 hour, 34 minutes ago
Description : A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot (U-Boot) v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50454 - Blue Access Cobalt X1 Authentication Bypass Vulnerability
CVE ID : CVE-2025-50454
Published : Aug. 5, 2025, 6:15 p.m. | 1 hour, 9 minutes ago
Description : An Authentication Bypass vulnerability in Blue Access' Cobalt X1 thru 02.000.187 allows an unauthorized attacker to log into the application as an administrator without valid credentials.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50688
Published : Aug. 5, 2025, 6:15 p.m. | 1 hour, 9 minutes ago
Description : A command injection vulnerability exists in TwistedWeb (version 14.0.0) due to improper input sanitization in the file upload functionality. An attacker can exploit this vulnerability by sending a specially crafted HTTP PUT request to upload a malicious file (e.g., a reverse shell script). Once uploaded, the attacker can trigger the execution of arbitrary commands on the target system, allowing for remote code execution. This could lead to escalation of privileges depending on the privileges of the web server process. The attack does not require physical access and can be conducted remotely, posing a significant risk to the confidentiality and integrity of the system.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51060
Published : Aug. 5, 2025, 6:15 p.m. | 1 hour, 9 minutes ago
Description : An issue was discovered in CPUID cpuz.sys 1.0.5.4. An attacker can use DeviceIoControl with the unvalidated parameters 0x9C402440 and 0x9C402444 as IoControlCodes to perform RDMSR and WRMSR, respectively. Through this process, the attacker can modify MSR_LSTAR and hook KiSystemCall64. Afterward, using Return-Oriented Programming (ROP), the attacker can manipulate the stack with pre-prepared gadgets, disable the SMAP flag in the CR4 register, and execute a user-mode syscall handler in the kernel context. It has not been confirmed whether this works on 32-bit Windows, but it functions on 64-bit Windows if the core isolation feature is either absent or disabled.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51627
Published : Aug. 5, 2025, 6:15 p.m. | 1 hour, 9 minutes ago
Description : Incorrect access control in CaricaVerbale in Agenzia Impresa Eccobook v2.81.1 allows authenticated attackers with low-level access to escalate privileges to Administrator.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51628
Published : Aug. 5, 2025, 6:15 p.m. | 1 hour, 9 minutes ago
Description : Insecure Direct Object Reference (IDOR) vulnerability in PdfHandler component in Agenzia Impresa Eccobook v2.81.1 and below allows unauthenticated attackers to read confidential documents via the DocumentoId parameter.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51857 - Halo XSS Vulnerability in AttachmentReconciler Class
CVE ID : CVE-2025-51857
Published : Aug. 5, 2025, 6:15 p.m. | 1 hour, 9 minutes ago
Description : The reconcile method in the AttachmentReconciler class of the Halo system v.2.20.18LTS and before is vulnerable to XSS attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8586
Published : Aug. 5, 2025, 6:15 p.m. | 1 hour, 9 minutes ago
Description : A vulnerability, which was classified as problematic, was found in libav up to 12.3. This affects the function ff_seek_frame_binary of the file /libavformat/utils.c of the component MPEG File Parser. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The bug was initially reported by the researcher to the wrong project. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-43978 - Jointelli 5G CPE OS Command Injection Vulnerability
CVE ID : CVE-2025-43978
Published : Aug. 5, 2025, 5:15 p.m. | 2 hours, 10 minutes ago
Description : Jointelli 5G CPE 21H01 firmware JY_21H01_A3_v1.36 devices allow (blind) OS command injection. Multiple endpoints are vulnerable, including /ubus/?flag=set_WPS_pin and /ubus/?flag=netAppStar1 and /ubus/?flag=set_wifi_cfgs. This allows an authenticated attacker to execute arbitrary OS commands with root privileges via crafted inputs to the SSID, WPS, Traceroute, and Ping fields.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43980
Published : Aug. 5, 2025, 5:15 p.m. | 2 hours, 10 minutes ago
Description : An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN. They enable the SSH service by default with the credentials of root/admin. The GUI doesn't offer a way to disable the account.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54253
Published : Aug. 5, 2025, 5:15 p.m. | 2 hours, 9 minutes ago
Description : Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration vulnerability that could result in arbitrary code execution. An attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user interaction and scope is changed.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54254 - Adobe Experience Manager XXE File System Read Vulnerability
CVE ID : CVE-2025-54254
Published : Aug. 5, 2025, 5:15 p.m. | 2 hours, 9 minutes ago
Description : Adobe Experience Manager versions 6.5.23 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files on the local file system. Exploitation of this issue does not require user interaction.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7674 - Roche Diagnostics navify Monitoring Denial of Service (DoS) Vulnerability
CVE ID : CVE-2025-7674
Published : Aug. 5, 2025, 5:15 p.m. | 2 hours, 9 minutes ago
Description : Improper Input Validation vulnerability in Roche Diagnostics navify Monitoring allows an attacker to manipulate input data, which may lead to a denial of service (DoS) due to negatively impacting the server's performance. This vulnerability has no impact on data confidentiality or integrity.
This issue affects navify Monitoring before 1.08.00.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8584 - Libav AVI File Parser Null Pointer Dereference Vulnerability
CVE ID : CVE-2025-8584
Published : Aug. 5, 2025, 5:15 p.m. | 2 hours, 9 minutes ago
Description : A vulnerability classified as problematic was found in libav up to 12.3. Affected by this vulnerability is the function av_buffer_unref of the file libavutil/buffer.c of the component AVI File Parser. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The bug was initially reported by the researcher to the wrong project. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8585
Published : Aug. 5, 2025, 5:15 p.m. | 2 hours, 9 minutes ago
Description : A vulnerability, which was classified as critical, has been found in libav up to 12.3. Affected by this issue is the function main of the file /avtools/avconv.c of the component DSS File Demuxer. The manipulation leads to double free. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The bug was initially reported by the researcher to the wrong project. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-43979
Published : Aug. 5, 2025, 4:15 p.m. | 3 hours, 9 minutes ago
Description : An issue was discovered on FIRSTNUM JC21A-04 devices through 2.01ME/FN that allows authenticated attackers to execute arbitrary OS system commands with root privileges via crafted payloads to the xml_action.cgi?method= endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46658 - "4C Strategies Exonaut ExonautWeb Information Disclosure"
CVE ID : CVE-2025-46658
Published : Aug. 5, 2025, 4:15 p.m. | 3 hours, 9 minutes ago
Description : An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. There are verbose error messages.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27931
Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago
Description : An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Editor version 10.5.2.395. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29745 - Emsisoft Anti-Malware Net-NTLMv2 Hash Information Disclosure
CVE ID : CVE-2025-29745
Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago
Description : A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows attackers on a remote server to obtain Net-NTLMv2 hash information via a specially created A2S (Emsisoft Custom Scan) extension file.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2611
Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago
Description : The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an attacker to inject shell commands into a session cookie that get executed on the server. This results in unauthenticated remote code execution in the session handling.
Versions 7.4 and below are known to be vulnerable.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-44964
Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago
Description : A lack of SSL certificate validation in BlueStacks v5.20 allows attackers to execute a man-it-the-middle attack and obtain sensitive information.
Severity: 3.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46958
Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago
Description : Adobe Experience Manager versions 6.5.22 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-47152
Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago
Description : An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.6.0.396. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50706
Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago
Description : An issue in thinkphp v.5.1 allows a remote attacker to execute arbitrary code via the routecheck function
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50707
Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago
Description : An issue in thinkphp3 v.3.2.5 allows a remote attacker to execute arbitrary code via the index.php component
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54874
Published : Aug. 5, 2025, 3:15 p.m. | 4 hours, 9 minutes ago
Description : OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG 2.5.3 and earlier, a call to opj_jp2_read_header may lead to OOB heap memory write when the data stream p_stream is too short and p_image is not initialized.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-52890 - IBM Engineering Lifecycle Optimization Cross-Site Scripting Vulnerability
CVE ID : CVE-2024-52890
Published : Aug. 5, 2025, 2:15 p.m. | 3 hours, 4 minutes ago
Description : IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.03 could be susceptible to cross-site scripting due to no validation of URIs.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7025
Published : Aug. 5, 2025, 2:15 p.m. | 3 hours, 4 minutes ago
Description : A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7032
Published : Aug. 5, 2025, 2:15 p.m. | 3 hours, 4 minutes ago
Description : A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7033
Published : Aug. 5, 2025, 2:15 p.m. | 3 hours, 4 minutes ago
Description : A memory abuse issue exists in the Rockwell Automation Arena® Simulation. A custom file can force Arena Simulation to read and write past the end of memory space. Successful use requires user action, such as opening a bad file or webpage. If used, a threat actor could execute code or disclose information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54948 - Trend Micro Apex One Remote Code Execution
CVE ID : CVE-2025-54948
Published : Aug. 5, 2025, 1:15 p.m. | 4 hours, 4 minutes ago
Description : A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54987 - Trend Micro Apex One Remote Code Execution Vulnerability
CVE ID : CVE-2025-54987
Published : Aug. 5, 2025, 1:15 p.m. | 4 hours, 4 minutes ago
Description : A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8555
Published : Aug. 5, 2025, 10:15 a.m. | 7 hours, 3 minutes ago
Description : A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. Affected is an unknown function of the file /search. The manipulation of the argument keyword leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22. It is recommended to apply a patch to fix this issue.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8553
Published : Aug. 5, 2025, 9:15 a.m. | 8 hours, 3 minutes ago
Description : A vulnerability classified as problematic was found in atjiu pybbs up to 6.0.0. This vulnerability affects unknown code of the file /admin/sensitive_word/list. The manipulation of the argument word leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22. It is recommended to apply a patch to fix this issue.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8554
Published : Aug. 5, 2025, 9:15 a.m. | 8 hours, 3 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in atjiu pybbs up to 6.0.0. This issue affects some unknown processing of the file /admin/user/list. The manipulation of the argument Username leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is named 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22. It is recommended to apply a patch to fix this issue.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6207 - WordPress Import Export Lite Plugin File Upload Vulnerability
CVE ID : CVE-2025-6207
Published : Aug. 5, 2025, 8:15 a.m. | 9 hours, 4 minutes ago
Description : The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpie_tempalte_import' function in all versions up to, and including, 3.9.28. This makes it possible for authenticated attackers, with Subscriber-level access and above, and permissions granted by an Administrator, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8294
Published : Aug. 5, 2025, 8:15 a.m. | 9 hours, 4 minutes ago
Description : The Download Counter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘name’ parameter in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8295
Published : Aug. 5, 2025, 8:15 a.m. | 9 hours, 4 minutes ago
Description : The Employee Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘noaccess_msg’ parameter in all versions up to, and including, 4.5.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8551
Published : Aug. 5, 2025, 8:15 a.m. | 9 hours, 4 minutes ago
Description : A vulnerability was found in atjiu pybbs up to 6.0.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/comment/list. The manipulation of the argument Username leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22. It is recommended to apply a patch to fix this issue.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8552
Published : Aug. 5, 2025, 8:15 a.m. | 9 hours, 4 minutes ago
Description : A vulnerability classified as problematic has been found in atjiu pybbs up to 6.0.0. This affects an unknown part of the file /admin/tag/list. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22. It is recommended to apply a patch to fix this issue.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-2810
Published : Aug. 5, 2025, 8:15 a.m. | 7 hours, 1 minute ago
Description : A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic key.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41698 - Apache HTTP Server Command Injection Vulnerability
CVE ID : CVE-2025-41698
Published : Aug. 5, 2025, 8:15 a.m. | 7 hours ago
Description : A low privileged local attacker can interact with the affected service although user-interaction should not be allowed.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5061
Published : Aug. 5, 2025, 8:15 a.m. | 7 hours ago
Description : The WP Import Export Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'wpie_parse_upload_data' function in all versions up to, and including, 3.9.29. This makes it possible for authenticated attackers, with Subscriber-level access and above, and permissions granted by an Administrator, to upload arbitrary files on the affected site's server which may make remote code execution possible. The vulnerability was partially patched in version 3.9.29.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-7050 - Google Drive plugin for WordPress Stored Cross-Site Scripting
CVE ID : CVE-2025-7050
Published : Aug. 5, 2025, 7:15 a.m. | 8 hours ago
Description : The Use-your-Drive | Google Drive plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in file metadata in all versions up to, and including, 3.3.1 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. The vulnerability can be exploited by the lowest authentication level permitted to upload files, including unauthenticated users, once a file upload shortcode is published on a publicly accessible post.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8313
Published : Aug. 5, 2025, 7:15 a.m. | 8 hours ago
Description : The Campus Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘noaccess_msg’ parameter in all versions up to, and including, 1.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8315
Published : Aug. 5, 2025, 7:15 a.m. | 8 hours ago
Description : The WP Easy Contact plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘noaccess_msg’ parameter in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8548 - "Atjiu Pybbs Registered Email Handler Information Exposure Vulnerability"
CVE ID : CVE-2025-8548
Published : Aug. 5, 2025, 7:15 a.m. | 8 hours ago
Description : A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue affects the function sendEmailCode of the file src/main/java/co/yiiu/pybbs/controller/api/SettingsApiController.java of the component Registered Email Handler. The manipulation of the argument email leads to information exposure through error message. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is 234197c4f8fc7ce24bdcff5430cd42492f28936a. It is recommended to apply a patch to fix this issue.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8549
Published : Aug. 5, 2025, 7:15 a.m. | 8 hours ago
Description : A vulnerability was found in atjiu pybbs up to 6.0.0. It has been classified as critical. Affected is the function update of the file src/main/java/co/yiiu/pybbs/controller/admin/UserAdminController.java. The manipulation leads to weak password requirements. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The patch is identified as d09cb19a8e7d7e5151282926ada54080244d499f. It is recommended to apply a patch to fix this issue.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8550
Published : Aug. 5, 2025, 7:15 a.m. | 8 hours ago
Description : A vulnerability was found in atjiu pybbs up to 6.0.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/topic/list. The manipulation of the argument Username leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The patch is named 2fe4a51afbce0068c291bc1818bbc8f7f3b01a22. It is recommended to apply a patch to fix this issue.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54982
Published : Aug. 5, 2025, 6:15 a.m. | 9 hours ago
Description : An improper verification of cryptographic signature in Zscaler's SAML authentication mechanism on the server-side allowed an authentication abuse.
Severity: 9.6 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8547
Published : Aug. 5, 2025, 6:15 a.m. | 9 hours ago
Description : A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as critical. This vulnerability affects unknown code of the component Email Verification Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 044f22893bee254dc2bb0d30f614913fab3c22c2. It is recommended to apply a patch to fix this issue.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54868 - LibreChat Meilisearch Engine Information Disclosure
CVE ID : CVE-2025-54868
Published : Aug. 5, 2025, 5:15 a.m. | 7 hours, 51 minutes ago
Description : LibreChat is a ChatGPT clone with additional features. In versions 0.0.6 through 0.7.7-rc1, an exposed testing endpoint allows reading arbitrary chats directly from the Meilisearch engine. The endpoint /api/search/test allows for direct access to stored chats in the Meilisearch engine without proper access control. This results in the ability to read chats from arbitrary users. This issue is fixed in version 0.7.7.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8544 - Portabilis i-Educar Cross Site Scripting Vulnerability
CVE ID : CVE-2025-8544
Published : Aug. 5, 2025, 5:15 a.m. | 7 hours, 51 minutes ago
Description : A vulnerability classified as problematic was found in Portabilis i-Educar 2.10. Affected by this vulnerability is an unknown functionality of the file /module/RegraAvaliacao/edit. The manipulation of the argument nome leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8545
Published : Aug. 5, 2025, 5:15 a.m. | 7 hours, 51 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.10. Affected by this issue is some unknown functionality of the file /intranet/educar_motivo_afastamento_cad.php. The manipulation of the argument nm_motivo leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8546
Published : Aug. 5, 2025, 5:15 a.m. | 7 hours, 51 minutes ago
Description : A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This affects the function adminlogin/login of the component Verification Code Handler. The manipulation leads to guessable captcha. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The patch is named ecaf8d46944fd03e3c4ea05698f8acf0aaa570cf. It is recommended to apply a patch to fix this issue.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8542
Published : Aug. 5, 2025, 4:16 a.m. | 8 hours, 51 minutes ago
Description : A vulnerability was found in Portabilis i-Educar 2.10. It has been rated as problematic. This issue affects some unknown processing of the file /intranet/empresas_cad.php. The manipulation of the argument fantasia/razao_social leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8543
Published : Aug. 5, 2025, 4:16 a.m. | 8 hours, 51 minutes ago
Description : A vulnerability classified as problematic has been found in Portabilis i-Educar 2.10. Affected is an unknown function of the file /intranet/educar_raca_cad.php. The manipulation of the argument nm_raca leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54980 - Adobe Flash Player Arbitrary Command Execution
CVE ID : CVE-2025-54980
Published : Aug. 5, 2025, 4:16 a.m. | 5 hours, 43 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54978 - Apache HTTP Server HTTP Header Injection
CVE ID : CVE-2025-54978
Published : Aug. 5, 2025, 4:16 a.m. | 4 hours, 51 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54979 - Apache HTTP Server Unvalidated User Input
CVE ID : CVE-2025-54979
Published : Aug. 5, 2025, 4:16 a.m. | 4 hours, 51 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54974 - Apache HTTP Server Denial of Service
CVE ID : CVE-2025-54974
Published : Aug. 5, 2025, 4:16 a.m. | 4 hours, 9 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54975 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-54975
Published : Aug. 5, 2025, 4:16 a.m. | 4 hours, 9 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54976 - Apache HTTP Server Unvalidated User Input Leads to Remote Command Execution
CVE ID : CVE-2025-54976
Published : Aug. 5, 2025, 4:16 a.m. | 4 hours, 9 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54977 - Microsoft Azure Storage Rejected Reason
CVE ID : CVE-2025-54977
Published : Aug. 5, 2025, 4:16 a.m. | 4 hours, 9 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53417 - DIAView Directory Traversal Information Disclosure Vulnerability
CVE ID : CVE-2025-53417
Published : Aug. 5, 2025, 3:15 a.m. | 5 hours, 10 minutes ago
Description : DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerability
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8540
Published : Aug. 5, 2025, 3:15 a.m. | 5 hours, 10 minutes ago
Description : A vulnerability was found in Portabilis i-Educar 2.10. It has been classified as problematic. This affects an unknown part of the file /intranet/public_municipio_cad.php. The manipulation of the argument nome leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8541
Published : Aug. 5, 2025, 3:15 a.m. | 5 hours, 10 minutes ago
Description : A vulnerability was found in Portabilis i-Educar 2.10. It has been declared as problematic. This vulnerability affects unknown code of the file /intranet/public_uf_cad.php. The manipulation of the argument nome leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8539
Published : Aug. 5, 2025, 2:15 a.m. | 6 hours, 10 minutes ago
Description : A vulnerability was found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this issue is some unknown functionality of the file /intranet/public_distrito_cad.php. The manipulation of the argument nome leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54865
Published : Aug. 5, 2025, 1:15 a.m. | 5 hours, 51 minutes ago
Description : Tilesheets MediaWiki Extension adds a table lookup parser function for an item and returns the requested image. A missing backtick in a query executed by the Tilesheets extension allows users to insert and potentially execute malicious SQL code. This issue has not been fixed.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54870
Published : Aug. 5, 2025, 1:15 a.m. | 5 hours, 51 minutes ago
Description : VTun-ng is a Virtual Tunnel over TCP/IP network. In versions 3.0.17 and below, failure to initialize encryption modules might cause reversion to plaintext due to insufficient error handling. The bug was first introduced in VTun-ng version 3.0.12. This is fixed in version 3.0.18. To workaround this issue, avoid blowfish-256.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54871
Published : Aug. 5, 2025, 1:15 a.m. | 5 hours, 51 minutes ago
Description : Electron Capture facilitates video playback for screen-sharing and capture. In versions 2.19.1 and below, the elecap app on macOS allows local unprivileged users to bypass macOS TCC privacy protections by enabling ELECTRON_RUN_AS_NODE. This environment variable allows arbitrary Node.js code to be executed via the -e flag, which runs inside the main Electron context, inheriting any previously granted TCC entitlements (such as access to Documents, Downloads, etc.). This issue is fixed in version 2.20.0.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8535
Published : Aug. 5, 2025, 1:15 a.m. | 5 hours, 51 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in cronoh NanoVault up to 1.2.1. This issue affects the function executeJavaScript of the file /main.js of the component xrb URL Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8537
Published : Aug. 5, 2025, 1:15 a.m. | 5 hours, 51 minutes ago
Description : A vulnerability, which was classified as problematic, was found in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_DataBuffer::SetDataSize of the file Mp4Decrypt.cpp of the component mp4decrypt. The manipulation leads to allocation of resources. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8538
Published : Aug. 5, 2025, 1:15 a.m. | 5 hours, 51 minutes ago
Description : A vulnerability has been found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /usuarios/tipos/novo. The manipulation of the argument name/description leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54803
Published : Aug. 5, 2025, 1:15 a.m. | 4 hours, 20 minutes ago
Description : js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. In versions below 1.0.2, a prototype pollution vulnerability in js-toml allows a remote attacker to add or modify properties of the global Object.prototype by parsing a maliciously crafted TOML input. This is fixed in version 1.0.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54804
Published : Aug. 5, 2025, 1:15 a.m. | 4 hours, 20 minutes ago
Description : Russh is a Rust SSH client & server library. In versions 0.54.0 and below, the channel window adjust message of the SSH protocol is used to track the free space in the receive buffer of the other side of a channel. The current implementation takes the value from the message and adds it to an internal state value. This can result in a integer overflow. If the Rust code is compiled with overflow checks, it will panic. A malicious client can crash a server. This is fixed in version 0.54.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54780
Published : Aug. 5, 2025, 1:15 a.m. | 4 hours ago
Description : The glpi-screenshot-plugin allows users to take screenshots or screens recording directly from GLPI. In versions below 2.0.2, authenticated user can use the /ajax/screenshot.php endpoint to leak files from the system or use PHP wrappers. This is fixed in version 2.0.2.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54794
Published : Aug. 5, 2025, 1:15 a.m. | 4 hours ago
Description : Claude Code is an agentic coding tool. In versions below 0.2.111, a path validation flaw using prefix matching instead of canonical path comparison, makes it possible to bypass directory restrictions and access files outside the CWD. Successful exploitation depends on the presence of (or ability to create) a directory with the same prefix as the CWD and the ability to add untrusted content into a Claude Code context window. This is fixed in version 0.2.111.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54795 - Claude Code Command Injection Vulnerability
CVE ID : CVE-2025-54795
Published : Aug. 5, 2025, 1:15 a.m. | 4 hours ago
Description : Claude Code is an agentic coding tool. In versions below 1.0.20, an error in command parsing makes it possible to bypass the Claude Code confirmation prompt to trigger execution of an untrusted command. Reliably exploiting this requires the ability to add untrusted content into a Claude Code context window. This is fixed in version 1.0.20.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54802
Published : Aug. 5, 2025, 1:15 a.m. | 4 hours ago
Description : pyLoad is the free and open-source Download Manager written in pure Python. In versions 0.5.0b3.dev89 and below, there is an opportunity for path traversal in pyLoad-ng CNL Blueprint via package parameter, allowing Arbitrary File Write which leads to Remote Code Execution (RCE). The addcrypted endpoint in pyload-ng suffers from an unsafe path construction vulnerability, allowing unauthenticated attackers to write arbitrary files outside the designated storage directory. This can be abused to overwrite critical system files, including cron jobs and systemd services, leading to privilege escalation and remote code execution as root. This issue is fixed in version 0.5.0b3.dev90.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52892
Published : Aug. 5, 2025, 1:15 a.m. | 2 hours, 20 minutes ago
Description : EspoCRM is a web application with a frontend designed as a single-page application and a REST API backend written in PHP. In versions 9.1.6 and below, if a user loads Espo in the browser with double slashes (e.g https://domain//#Admin) and the webserver does not strip the double slash, it can cause a corrupted Slim router's cache. This will make the instance unusable until there is a completed rebuild. This is fixed in version 9.1.7.
Severity: 4.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53544
Published : Aug. 5, 2025, 1:15 a.m. | 2 hours, 20 minutes ago
Description : Trilium Notes is an open-source, cross-platform hierarchical note taking application with focus on building large personal knowledge bases. In versions below 0.97.0, a brute-force protection bypass in the initial sync seed retrieval endpoint allows unauthenticated attackers to guess the login password without triggering rate limiting. Trilium is a single-user app without a username requirement, and brute-force protection bypass makes exploitation much more feasible. Multiple features provided by Trilium (e.g. MFA, share notes, custom request handler) indicate that Trilium can be exposed to the internet. This is fixed in version 0.97.0.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54119
Published : Aug. 5, 2025, 1:15 a.m. | 2 hours, 20 minutes ago
Description : ADOdb is a PHP database class library that provides abstractions for performing queries and managing databases. In versions 5.22.9 and below, improper escaping of a query parameter may allow an attacker to execute arbitrary SQL statements when the code using ADOdb connects to a sqlite3 database and calls the metaColumns(), metaForeignKeys() or metaIndexes() methods with a crafted table name. This is fixed in version 5.22.10. To workaround this issue, only pass controlled data to metaColumns(), metaForeignKeys() and metaIndexes() method's $table parameter.
Severity: 10.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54130
Published : Aug. 5, 2025, 1:15 a.m. | 2 hours, 20 minutes ago
Description : Cursor is a code editor built for programming with AI. Cursor allows writing in-workspace files with no user approval in versions less than 1.3.9. If the file is a dotfile, editing it requires approval but creating a new one doesn't. Hence, if sensitive editor files, such as the .vscode/settings.json file don't already exist in the workspace, an attacker can chain a indirect prompt injection vulnerability to hijack the context to write to the settings file and trigger RCE on the victim without user approval. This is fixed in version 1.3.9.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54135 - Cursor Unapproved File Writing and RCE Vulnerability
CVE ID : CVE-2025-54135
Published : Aug. 5, 2025, 1:15 a.m. | 2 hours, 20 minutes ago
Description : Cursor is a code editor built for programming with AI. Cursor allows writing in-workspace files with no user approval in versions below 1.3.9, If the file is a dotfile, editing it requires approval but creating a new one doesn't. Hence, if sensitive MCP files, such as the .cursor/mcp.json file don't already exist in the workspace, an attacker can chain a indirect prompt injection vulnerability to hijack the context to write to the settings file and trigger RCE on the victim without user approval. This is fixed in version 1.3.9.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54387
Published : Aug. 5, 2025, 1:15 a.m. | 2 hours, 20 minutes ago
Description : IPX is an image optimizer powered by sharp and svgo. In versions 1.3.1 and below, 2.0.0-0 through 2.1.0, and 3.0.0 through 3.1.0, the approach used to check whether a path is within allowed directories is vulnerable to path prefix bypass when the allowed directories do not end with a path separator. This occurs because the check relies on a raw string prefix comparison. This is fixed in versions 1.3.2, 2.1.1 and 3.1.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54797
Published : Aug. 5, 2025, 12:15 a.m. | 3 hours, 20 minutes ago
Description : Rejected reason: This CVE is a duplicate of CVE-2025-52464.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8534
Published : Aug. 5, 2025, 12:15 a.m. | 3 hours, 20 minutes ago
Description : A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 6ba36f159fd396ad11bf6b7874554197736ecc8b. It is recommended to apply a patch to fix this issue. One of the maintainers explains, that "[t]his error only occurs if DEFER_STRILE_LOAD (defer-strile-load:BOOL=ON) or TIFFOpen( .. "rD") option is used."
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8530
Published : Aug. 4, 2025, 11:15 p.m. | 4 hours, 20 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file eladmin-system\src\main\resources\config\application-prod.yml of the component Druid. The manipulation of the argument login-username/login-password leads to use of default credentials. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46093
Published : Aug. 4, 2025, 11:15 p.m. | 3 hours, 19 minutes ago
Description : LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 (setuid and setgid), which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-46094
Published : Aug. 4, 2025, 11:15 p.m. | 3 hours, 19 minutes ago
Description : LiquidFiles before 4.1.2 allows directory traversal by configuring the pathname of a local executable file as an Actionscript.
Severity: 3.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8529
Published : Aug. 4, 2025, 11:15 p.m. | 3 hours, 19 minutes ago
Description : A vulnerability classified as critical was found in cloudfavorites favorites-web up to 1.3.0. Affected by this vulnerability is the function getCollectLogoUrl of the file app/src/main/java/com/favorites/web/CollectController.java. The manipulation of the argument url leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27211
Published : Aug. 4, 2025, 11:15 p.m. | 1 hour, 56 minutes ago
Description : An Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.10.4 and earlier) could allow a Command Injection by a malicious actor with access to EdgeSwitch adjacent network.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-27212
Published : Aug. 4, 2025, 11:15 p.m. | 1 hour, 56 minutes ago
Description : An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a malicious actor with access to UniFi Access management network.
Affected Products:
UniFi Access Reader Pro (Version 2.14.21 and earlier)
UniFi Access G2 Reader Pro (Version 1.10.32 and earlier)
UniFi Access G3 Reader Pro (Version 1.10.30 and earlier)
UniFi Access Intercom (Version 1.7.28 and earlier)
UniFi Access G3 Intercom (Version 1.7.29 and earlier)
UniFi Access Intercom Viewer (Version 1.3.20 and earlier)
Mitigation:
Update UniFi Access Reader Pro Version 2.15.9 or later
Update UniFi Access G2 Reader Pro Version 1.11.23 or later
Update UniFi Access G3 Reader Pro Version 1.11.22 or later
Update UniFi Access Intercom Version 1.8.22 or later
Update UniFi Access G3 Intercom Version 1.8.22 or later
Update UniFi Access Intercom Viewer Version 1.4.39 or later
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4599
Published : Aug. 4, 2025, 10:15 p.m. | 2 hours, 57 minutes ago
Description : The fragment preview functionality in Liferay Portal 7.4.3.61 through 7.4.3.132, and Liferay DXP 2024.Q4.1 through 2024.Q4.5, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.13 and 7.4 update 61 through update 92 was found to be vulnerable to postMessage-based XSS because it allows a remote non-authenticated attacker to inject JavaScript into the fragment portlet URL.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4604
Published : Aug. 4, 2025, 10:15 p.m. | 2 hours, 56 minutes ago
Description : The vulnerable code can bypass the Captcha check in Liferay Portal 7.4.3.80 through 7.4.3.132, and Liferay DXP 2024.Q1.1 through 2024.Q1.19, 2024.Q2.0 through 2024.Q2.13, 2024.Q3.0 through 2024.Q3.13, 2024.Q4.0 through 2024.Q4.7, 2025.Q1.0 through 2025.Q1.15 and 7.4 update 80 through update 92 and then attackers can run scripts in the Gogo shell
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54554 - Tera Insights tiCrypt Information Disclosure
CVE ID : CVE-2025-54554
Published : Aug. 4, 2025, 10:15 p.m. | 2 hours, 56 minutes ago
Description : tiaudit in Tera Insights tiCrypt before 2025-07-17 allows unauthenticated REST API requests that reveal sensitive information about the underlying SQL queries and database structure.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7844
Published : Aug. 4, 2025, 10:15 p.m. | 2 hours, 56 minutes ago
Description : Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default `MAX_RSA_KEY_BITS=2048` is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than 2048 bits and your application calls `wolfTPM2_RsaKey_TpmToWolf` on that key, then a stack buffer could be overrun. If the `MAX_RSA_KEY_BITS` build-time macro is set correctly (RSA bits match what TPM hardware is capable of) for the hardware target, then a stack overrun is not possible.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8527
Published : Aug. 4, 2025, 10:15 p.m. | 2 hours, 56 minutes ago
Description : A vulnerability was found in Exrick xboot up to 3.3.4. It has been rated as critical. This issue affects some unknown processing of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/SecurityController.java of the component Swagger. The manipulation of the argument loginUrl leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8528 - Exrick xboot Exposed Sensitive Information Cookie Storage
CVE ID : CVE-2025-8528
Published : Aug. 4, 2025, 10:15 p.m. | 2 hours, 56 minutes ago
Description : A vulnerability classified as problematic has been found in Exrick xboot up to 3.3.4. Affected is an unknown function of the file /xboot/permission/getMenuList. The manipulation leads to cleartext storage of sensitive information in a cookie. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50341
Published : Aug. 4, 2025, 9:15 p.m. | 3 hours, 56 minutes ago
Description : A Boolean-based SQL injection vulnerability was discovered in Axelor 5.2.4 via the _domain parameter. An attacker can manipulate the SQL query logic and determine true/false conditions, potentially leading to data exposure or further exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50754
Published : Aug. 4, 2025, 9:15 p.m. | 3 hours, 56 minutes ago
Description : Unisite CMS version 5.0 contains a stored Cross-Site Scripting (XSS) vulnerability in the "Report" functionality. A malicious script submitted by an attacker is rendered in the admin panel when viewed by an administrator. This allows attackers to hijack the admin session and, by leveraging the template editor, upload and execute a PHP web shell on the server, leading to full remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51387
Published : Aug. 4, 2025, 9:15 p.m. | 3 hours, 56 minutes ago
Description : The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injection due to misconfigured Electron Fuses. Specifically, the following insecure settings were observed: RunAsNode is enabled and EnableNodeCliInspectArguments is not disabled. These configurations allow the application to be executed in Node.js mode, enabling attackers to pass arguments that result in arbitrary code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51726
Published : Aug. 4, 2025, 9:15 p.m. | 3 hours, 56 minutes ago
Description : CyberGhostVPNSetup.exe (Windows installer) is signed using the weak cryptographic hash algorithm SHA-1, which is vulnerable to collision attacks. This allows a malicious actor to craft a fake installer with a forged SHA-1 certificate that may still be accepted by Windows signature verification mechanisms, particularly on systems without strict SmartScreen or trust policy enforcement. Additionally, the installer lacks High Entropy Address Space Layout Randomization (ASLR), as confirmed by BinSkim (BA2015 rule) and repeated WinDbg analysis. The binary consistently loads into predictable memory ranges, increasing the success rate of memory corruption exploits. These two misconfigurations, when combined, significantly lower the bar for successful supply-chain style attacks or privilege escalation through fake installers.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8525 - Exrick xboot Information Disclosure Vulnerability
CVE ID : CVE-2025-8525
Published : Aug. 4, 2025, 9:15 p.m. | 3 hours, 56 minutes ago
Description : A vulnerability was found in Exrick xboot up to 3.3.4. It has been classified as problematic. This affects an unknown part of the component Spring Boot Admin/Spring Actuator. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8526
Published : Aug. 4, 2025, 9:15 p.m. | 3 hours, 56 minutes ago
Description : A vulnerability was found in Exrick xboot up to 3.3.4. It has been declared as critical. This vulnerability affects the function Upload of the file xboot-fast/src/main/java/cn/exrick/xboot/modules/base/controller/common/UploadController.java. The manipulation of the argument File leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50340
Published : Aug. 4, 2025, 8:15 p.m. | 4 hours, 56 minutes ago
Description : An Insecure Direct Object Reference (IDOR) vulnerability was discovered in SOGo Webmail thru 5.6.0, allowing an authenticated user to send emails on behalf of other users by manipulating a user-controlled identifier in the email-sending request. The server fails to verify whether the authenticated user is authorized to use the specified sender identity, resulting in unauthorized message delivery as another user. This can lead to impersonation, phishing, or unauthorized communication within the system.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-55014 - Youdao StarDict X11 Selection Information Disclosure
CVE ID : CVE-2025-55014
Published : Aug. 4, 2025, 8:15 p.m. | 4 hours, 56 minutes ago
Description : The YouDao plugin for StarDict, as used in stardict 3.0.7+git20220909+dfsg-6 in Debian trixie and elsewhere, sends an X11 selection to the dict.youdao.com and dict.cn servers via cleartext HTTP.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8523 - RiderLike Fruit Crush-Brain App Android Component Export Vulnerability
CVE ID : CVE-2025-8523
Published : Aug. 4, 2025, 8:15 p.m. | 4 hours, 56 minutes ago
Description : A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0 on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the file AndroidManifest.xml of the component com.fruitcrush.fun. The manipulation leads to improper export of android application components. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8524
Published : Aug. 4, 2025, 8:15 p.m. | 4 hours, 56 minutes ago
Description : A vulnerability was found in Boquan DotWallet App 2.15.2 on Android and classified as problematic. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of the component com.boquanhash.dotwallet. The manipulation leads to improper export of android application components. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8522
Published : Aug. 4, 2025, 7:15 p.m. | 5 hours, 56 minutes ago
Description : A vulnerability, which was classified as critical, was found in givanz Vvvebjs up to 2.0.4. Affected is an unknown function of the file /save.php of the component node.js. The manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-21120
Published : Aug. 4, 2025, 7:15 p.m. | 3 hours, 51 minutes ago
Description : Dell Avamar, versions prior to 19.12 with patch 338905, excluding version 19.10SP1 with patch 338904, contains a Trusting HTTP Permission Methods on the Server-Side vulnerability in Security. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-26476
Published : Aug. 4, 2025, 7:15 p.m. | 3 hours, 51 minutes ago
Description : Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38741 - "Dell Enterprise SONiC OS SSH Cryptographic Key Exposure Vulnerability"
CVE ID : CVE-2025-38741
Published : Aug. 4, 2025, 7:15 p.m. | 3 hours, 51 minutes ago
Description : Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52239
Published : Aug. 4, 2025, 7:15 p.m. | 3 hours, 51 minutes ago
Description : An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attackers to execute arbitrary code via a crafted file.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53394
Published : Aug. 4, 2025, 7:15 p.m. | 3 hours, 51 minutes ago
Description : Paramount Macrium Reflect through 2025-06-26 allows attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx or .mrbax backup file and a renamed executable placed in the same directory. When a user with administrative privileges opens the crafted backup file and proceeds to mount it, Reflect launches the renamed executable (e.g., explorer.exe), which is under attacker control. This occurs because of insufficient validation of companion files referenced during backup mounting.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53395
Published : Aug. 4, 2025, 7:15 p.m. | 3 hours, 51 minutes ago
Description : Paramount Macrium Reflect through 2025-06-26 allows local attackers to execute arbitrary code with administrator privileges via a crafted .mrimgx backup file and a malicious VSSSvr.dll located in the same directory. When a user with administrative privileges mounts a backup by opening the .mrimgx file, Reflect loads the attacker's VSSSvr.dll after the mount completes. This occurs because of untrusted DLL search path behavior in ReflectMonitor.exe.
Severity: 7.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8521 - Givanz Vvveb Add Type Handler Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-8521
Published : Aug. 4, 2025, 7:15 p.m. | 3 hours, 51 minutes ago
Description : A vulnerability, which was classified as problematic, has been found in givanz Vvveb up to 1.0.5. This issue affects some unknown processing of the file /vadmin123/index.php?module=settings/post-types of the component Add Type Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The patch is named b53c7161da606f512b7efcb392d6ffc708688d49/605a70f8729e4d44ebe272671cb1e43e3d6ae014. It is recommended to upgrade the affected component.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8520
Published : Aug. 4, 2025, 6:15 p.m. | 4 hours, 51 minutes ago
Description : A vulnerability classified as critical was found in givanz Vvveb up to 1.0.5. This vulnerability affects unknown code of the file /vadmin123/?module=editor/editor of the component Drag-and-Drop Editor. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The patch is identified as f684f3e374d04db715730fc4796e102f5ebcacb2. It is recommended to upgrade the affected component.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10052
Published : Aug. 4, 2025, 6:15 p.m. | 2 hours, 54 minutes ago
Description : ZPanel includes a helper binary named zsudo, intended to allow restricted privilege escalation for administrative tasks. However, when misconfigured in /etc/sudoers, zsudo can be invoked by low-privileged users to execute arbitrary commands as root. This flaw enables local attackers with shell access to escalate privileges by writing a payload to a writable directory and executing it via zsudo. The vulnerability is particularly impactful in post-exploitation scenarios following web server compromise, where the attacker inherits access to zsudo.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10054
Published : Aug. 4, 2025, 6:15 p.m. | 2 hours, 54 minutes ago
Description : An unauthenticated arbitrary file upload vulnerability exists in LibrettoCMS version 1.1.7 (and possibly earlier) contains an unauthenticated arbitrary file upload vulnerability in its File Manager plugin. The upload handler located at adm/ui/js/ckeditor/plugins/pgrfilemanager/php/upload.php fails to properly validate file extensions, allowing attackers to upload files with misleading extensions and subsequently rename them to executable .php scripts. This enables remote code execution on the server without authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-45183
Published : Aug. 4, 2025, 6:15 p.m. | 2 hours, 54 minutes ago
Description : An issue was discovered in Samsung Mobile Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, and 2400. A lack of a JPEG length check leads to an out-of-bound write.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34147
Published : Aug. 4, 2025, 6:15 p.m. | 2 hours, 54 minutes ago
Description : An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02). When configuring the device in Extender mode via its captive portal, the extap2g SSID field is inserted unescaped into a reboot-time shell script. This allows remote attackers within Wi-Fi range to inject arbitrary shell commands that execute as root during device reboot, leading to full system compromise.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46206 - Artifex mupdf Denial of Service (DoS) Vulnerability
CVE ID : CVE-2025-46206
Published : Aug. 4, 2025, 6:15 p.m. | 2 hours, 54 minutes ago
Description : An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to cause a denial of service via an infinite recursion in the `mutool clean` utility. When processing a crafted PDF file containing cyclic /Next references in the outline structure, the `strip_outline()` function enters infinite recursion
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51390
Published : Aug. 4, 2025, 6:15 p.m. | 2 hours, 54 minutes ago
Description : TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a command injection vulnerability via the pin parameter in the setWiFiWpsConfig function.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8519 - Givanz Vvveb Drag-and-Drop Editor Information Disclosure Vulnerability
CVE ID : CVE-2025-8519
Published : Aug. 4, 2025, 6:15 p.m. | 2 hours, 54 minutes ago
Description : A vulnerability classified as problematic has been found in givanz Vvveb up to 1.0.5. This affects an unknown part of the file /vadmin123/index.php?module=editor/editor of the component Drag-and-Drop Editor. The manipulation of the argument url leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The identifier of the patch is f684f3e374d04db715730fc4796e102f5ebcacb2. It is recommended to upgrade the affected component.
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50420
Published : Aug. 4, 2025, 5:15 p.m. | 3 hours, 54 minutes ago
Description : An issue in the pdfseparate utility of freedesktop poppler v25.04.0 allows attackers to cause an infinite recursion via supplying a crafted PDF file. This can lead to a Denial of Service (DoS).
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50422 - Poppler PDF Memory Leak Information Disclosure
CVE ID : CVE-2025-50422
Published : Aug. 4, 2025, 5:15 p.m. | 3 hours, 54 minutes ago
Description : An issue was discovered in freedesktop poppler v25.04.0. The heap memory containing PDF stream objects is not cleared upon program exit, allowing attackers to obtain sensitive PDF content via a memory dump.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51534 - Austrian Archaeological Institute (AI) OpenAtlas Cross-Site Scripting (XSS)
CVE ID : CVE-2025-51534
Published : Aug. 4, 2025, 5:15 p.m. | 3 hours, 54 minutes ago
Description : A cross-site scripting (XSS) vulnerability in Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name field.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51535 - Austrian Archaeological Institute OpenAtlas SQL Injection Vulnerability
CVE ID : CVE-2025-51535
Published : Aug. 4, 2025, 5:15 p.m. | 3 hours, 54 minutes ago
Description : Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a SQL injection vulnerability.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8518
Published : Aug. 4, 2025, 5:15 p.m. | 3 hours, 54 minutes ago
Description : A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as critical. Affected by this issue is the function Save of the file admin/controller/editor/code.php of the component Code Editor. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.6 is able to address this issue. The name of the patch is f684f3e374d04db715730fc4796e102f5ebcacb2. It is recommended to upgrade the affected component.
Severity: 4.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-44954
Published : Aug. 4, 2025, 5:15 p.m. | 1 hour, 51 minutes ago
Description : RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root-equivalent user account.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-44957
Published : Aug. 4, 2025, 5:15 p.m. | 1 hour, 51 minutes ago
Description : Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authentication bypass via a valid API key and crafted HTTP headers.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-44958 - RUCKUS Network Director Unencrypted Password Storage Vulnerability
CVE ID : CVE-2025-44958
Published : Aug. 4, 2025, 5:15 p.m. | 1 hour, 51 minutes ago
Description : RUCKUS Network Director (RND) before 4.5 stores passwords in a recoverable format.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-44960 - RUCKUS SmartZone OS Command Injection Vulnerability
CVE ID : CVE-2025-44960
Published : Aug. 4, 2025, 5:15 p.m. | 1 hour, 51 minutes ago
Description : RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain parameter in an API route.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-44961 - RUCKUS SmartZone OS Command Injection
CVE ID : CVE-2025-44961
Published : Aug. 4, 2025, 5:15 p.m. | 1 hour, 51 minutes ago
Description : In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP address field provided by an authenticated user.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-44962
Published : Aug. 4, 2025, 5:15 p.m. | 1 hour, 51 minutes ago
Description : RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ directory traversal to read files.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-44963 - RUCKUS Network Director JWT Spoofing Vulnerability
CVE ID : CVE-2025-44963
Published : Aug. 4, 2025, 5:15 p.m. | 1 hour, 51 minutes ago
Description : RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker who knows the hardcoded value of a certain secret key.
Severity: 9.0 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-38739 - Dell Digital Delivery Insufficiently Protected Credentials Information Disclosure
CVE ID : CVE-2025-38739
Published : Aug. 4, 2025, 4:15 p.m. | 2 hours, 51 minutes ago
Description : Dell Digital Delivery, versions prior to 5.6.1.0, contains an Insufficiently Protected Credentials vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to Information Disclosure.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-44955 - RUCKUS Network Director (RND) Hardcoded Password Root Access
CVE ID : CVE-2025-44955
Published : Aug. 4, 2025, 4:15 p.m. | 2 hours, 51 minutes ago
Description : RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain root access vis a weak, hardcoded password.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5988
Published : Aug. 4, 2025, 4:15 p.m. | 2 hours, 51 minutes ago
Description : A flaw was found in the Ansible aap-gateway. Cross-site request forgery (CSRF) origin checking is not done on requests from the gateway to external components, such as the controller, hub, and eda.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8516
Published : Aug. 4, 2025, 4:15 p.m. | 2 hours, 51 minutes ago
Description : A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. It has been classified as problematic. Affected is the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file K3Cloud\BBCMallSite\WEB-INF\lib\Kingdee.K3.O2O.Base.WebApp.jar!\kingdee\k3\o2o\base\webapp\action\FileUploadAction.class of the component IIS-K3CloudMiniApp. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor recommends as a short-term measure to "[t]emporarily disable external network access to the Kingdee Cloud Galaxy Retail System or set up an IP whitelist for access control." The long-term remediation will be: "Install the security patch provided by the Starry Sky system, with the specific solutions being: i) Adding authentication to the vulnerable CMKAppWebHandler.ashx interface; ii) Removing the file reading function."
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8517
Published : Aug. 4, 2025, 4:15 p.m. | 2 hours, 51 minutes ago
Description : A vulnerability was found in givanz Vvveb 1.0.6.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to session fixiation. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.0.7 is able to address this issue. The patch is named d4b1e030066417b77d15b4ac505eed5ae7bf2c5e. It is recommended to upgrade the affected component.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-26065
Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago
Description : A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a visiting Wi-Fi network.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30096 - Dell PowerProtect Data Domain DD OS OS Command Injection
CVE ID : CVE-2025-30096
Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago
Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30097 - Dell PowerProtect Data Domain OS Command Injection
CVE ID : CVE-2025-30097
Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago
Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30098 - Dell PowerProtect Data Domain DD OS OS Command Injection
CVE ID : CVE-2025-30098
Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago
Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30099 - Dell PowerProtect Data Domain OS Command Injection
CVE ID : CVE-2025-30099
Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago
Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in the DDSH CLI. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36594 - Dell PowerProtect Data Domain DD OS Authentication Bypass by Spoofing Vulnerability
CVE ID : CVE-2025-36594
Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago
Description : Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.3.0.15, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.60, contain an Authentication Bypass by Spoofing vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Remote unauthenticated user can create account that potentially expose customer info, affect system integrity and availability.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-44643 - Draytek AP Series Insecure Permissions Weak Password Vulnerability
CVE ID : CVE-2025-44643
Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago
Description : Certain Draytek products are affected by Insecure Configuration. This affects AP903 v1.4.18 and AP912C v1.4.9 and AP918R v1.4.9. The setting of the password property in the ripd.conf configuration file sets a hardcoded weak password, posing a security risk. An attacker with network access could exploit this to gain unauthorized control over the routing daemon, potentially altering network routes or intercepting traffic.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51536 - AI OpenAtlas Hardcoded Administrator Password Vulnerability
CVE ID : CVE-2025-51536
Published : Aug. 4, 2025, 3:15 p.m. | 3 hours, 6 minutes ago
Description : Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a hardcoded Administrator password.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-36604
Published : Aug. 4, 2025, 2:15 p.m. | 2 hours, 51 minutes ago
Description : Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-36605
Published : Aug. 4, 2025, 2:15 p.m. | 2 hours, 51 minutes ago
Description : Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36606 - Dell Unity OS Command Injection Vulnerability
CVE ID : CVE-2025-36606
Published : Aug. 4, 2025, 2:15 p.m. | 2 hours, 51 minutes ago
Description : Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nfssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-36607 - Dell Unity OS Command Injection Vulnerability
CVE ID : CVE-2025-36607
Published : Aug. 4, 2025, 2:15 p.m. | 2 hours, 51 minutes ago
Description : Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8109
Published : Aug. 4, 2025, 2:15 p.m. | 2 hours, 51 minutes ago
Description : Software installed and run as a non-privileged user may conduct ptrace system calls to issue writes to GPU origin read only memory.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8515 - Intelbras InControl JSON Endpoint Information Disclosure
CVE ID : CVE-2025-8515
Published : Aug. 4, 2025, 11:15 a.m. | 5 hours, 51 minutes ago
Description : A vulnerability was found in Intelbras InControl 2.21.60.9 and classified as problematic. This issue affects some unknown processing of the file /v1/operador/ of the component JSON Endpoint. The manipulation leads to information disclosure. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
Severity: 3.1 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-0932 - Arm Ltd Bifrost GPU Userspace Driver/Arm Ltd Valhall GPU Userspace Driver/Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver: After Free Information Disclosure
CVE ID : CVE-2025-0932
Published : Aug. 4, 2025, 10:15 a.m. | 6 hours, 51 minutes ago
Description : Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a non-privileged user process to perform valid GPU processing operations, including via WebGL or WebGPU, to gain access to already freed memory.This issue affects Bifrost GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r51p0; Valhall GPU Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0; Arm 5th Gen GPU Architecture Userspace Driver: from r48p0 through r49p3, from r50p0 through r54p0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6204
Published : Aug. 4, 2025, 10:15 a.m. | 6 hours, 51 minutes ago
Description : An Improper Control of Generation of Code (Code Injection) vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6205
Published : Aug. 4, 2025, 10:15 a.m. | 6 hours, 51 minutes ago
Description : A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8341
Published : Aug. 4, 2025, 9:15 a.m. | 7 hours, 51 minutes ago
Description : Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints.
If the plugin was configured to allow only certain URLs, an attacker could bypass this restriction using a specially crafted URL. This vulnerability is fixed in version 3.4.1.
Severity: 5.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41659 - CODESYS Control PKI Folder Remote Access Vulnerability
CVE ID : CVE-2025-41659
Published : Aug. 4, 2025, 8:15 a.m. | 8 hours, 51 minutes ago
Description : A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime system and thus read and write certificates and its keys. This allows sensitive data to be extracted or to accept certificates as trusted. Although all services remain available, only unencrypted communication is possible if the certificates are deleted.
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41691 - Siemens CODESYS Control Remote NULL Pointer Dereference Vulnerability
CVE ID : CVE-2025-41691
Published : Aug. 4, 2025, 8:15 a.m. | 8 hours, 51 minutes ago
Description : An unauthenticated remote attacker may trigger a NULL pointer dereference in the affected CODESYS Control runtime systems by sending specially crafted communication requests, potentially leading to a denial-of-service (DoS) condition.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-41658
Published : Aug. 4, 2025, 8:15 a.m. | 8 hours, 3 minutes ago
Description : CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20700 - Airoha Bluetooth Audio SDK Privilege Escalation Vulnerability
CVE ID : CVE-2025-20700
Published : Aug. 4, 2025, 7:15 a.m. | 9 hours, 4 minutes ago
Description : In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20701 - Airoha Bluetooth Audio SDK Remote Privilege Escalation Vulnerability
CVE ID : CVE-2025-20701
Published : Aug. 4, 2025, 7:15 a.m. | 9 hours, 4 minutes ago
Description : In the Airoha Bluetooth audio SDK, there is a possible way to pair Bluetooth audio device without user consent. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20702 - Airoha Bluetooth RACE Protocol Privilege Escalation Vulnerability
CVE ID : CVE-2025-20702
Published : Aug. 4, 2025, 7:15 a.m. | 9 hours, 4 minutes ago
Description : In the Airoha Bluetooth audio SDK, there is a possible unauthorized access to the RACE protocol. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-48499 - Fujifilm Business Innovation MFP Denial-of-Service Out-of-Bounds Write Vulnerability
CVE ID : CVE-2025-48499
Published : Aug. 4, 2025, 6:15 a.m. | 10 hours, 4 minutes ago
Description : Out-of-bounds write vulnerability exists in FUJIFILM Business Innovation MFPs. A specially crafted IPP (Internet Printing Protocol) or LPD (Line Printer Daemon) packet may cause a denial-of-service (DoS) condition on an affected MFP. Resetting the MFP is required to recover from the denial-of-service (DoS) condition.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-20696
Published : Aug. 4, 2025, 2:15 a.m. | 12 hours, 53 minutes ago
Description : In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09915215; Issue ID: MSV-3801.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20697 - Qualcomm Power HAL Out-of-Bounds Write Privilege Escalation
CVE ID : CVE-2025-20697
Published : Aug. 4, 2025, 2:15 a.m. | 12 hours, 53 minutes ago
Description : In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915681; Issue ID: MSV-3795.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-20698 - Qualcomm Power HAL Out-of-Bounds Write Privilege Escalation
CVE ID : CVE-2025-20698
Published : Aug. 4, 2025, 2:15 a.m. | 12 hours, 53 minutes ago
Description : In Power HAL, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915400; Issue ID: MSV-3793.
Severity: 6.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54962
Published : Aug. 4, 2025, 2:15 a.m. | 12 hours, 53 minutes ago
Description : /edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b allows authenticated users to upload arbitrary files (such as .html or .svg), and these are then publicly accessible under the /static URI.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54956 - Gh R Unauthorized Information Disclosure
CVE ID : CVE-2025-54956
Published : Aug. 3, 2025, 6:15 p.m. | 20 hours, 53 minutes ago
Description : The gh package before 1.5.0 for R delivers an HTTP response in a data structure that includes the Authorization header from the corresponding HTTP request.
Severity: 3.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8513
Published : Aug. 3, 2025, 3:15 p.m. | 23 hours, 53 minutes ago
Description : A vulnerability, which was classified as problematic, was found in Caixin News App 8.0.1 on Android. Affected is an unknown function of the file AndroidManifest.xml of the component com.caixin.news. The manipulation leads to improper export of android application components. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8511
Published : Aug. 3, 2025, 2:15 p.m. | 1 day ago
Description : A vulnerability classified as problematic was found in Portabilis i-Diario 1.5.0. This vulnerability affects unknown code of the file /diario-de-observacoes/ of the component Observações. The manipulation of the argument Descrição leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8512 - TVB Big Big Shop App Android Android Application Component Export Vulnerability
CVE ID : CVE-2025-8512
Published : Aug. 3, 2025, 2:15 p.m. | 1 day ago
Description : A vulnerability, which was classified as problematic, has been found in TVB Big Big Shop App 2.9.0 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component hk.com.tvb.bigbigshop. The manipulation leads to improper export of android application components. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8509
Published : Aug. 3, 2025, 1:15 p.m. | 23 hours, 51 minutes ago
Description : A vulnerability was found in Portabilis i-Educar 2.9. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /intranet/educar_servidor_cad.php. The manipulation of the argument matricula leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8510
Published : Aug. 3, 2025, 1:15 p.m. | 23 hours, 51 minutes ago
Description : A vulnerability classified as problematic has been found in Portabilis i-Educar 2.10. This affects the function Gerar of the file ieducar/intranet/educar_matricula_lst.php. The manipulation of the argument ref_cod_aluno leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 82c288b9a4abb084bdfa1c0c4ef777ed45f98b46. It is recommended to apply a patch to fix this issue. The vendor initially closed the original advisory without requesting a CVE.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-51775
Published : Aug. 3, 2025, 11:15 a.m. | 1 day, 1 hour ago
Description : Missing Origin Validation in WebSockets vulnerability in Apache Zeppelin.
The attacker could access the Zeppelin server from another origin without any restriction, and get internal information about paragraphs.
This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0.
Users are recommended to upgrade to version 0.12.0, which fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8508
Published : Aug. 3, 2025, 11:15 a.m. | 1 day, 1 hour ago
Description : A vulnerability was found in Portabilis i-Educar 2.9. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_avaliacao_desempenho_cad.php. The manipulation of the argument titulo_avaliacao/descricao leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8507
Published : Aug. 3, 2025, 10:15 a.m. | 1 day, 2 hours ago
Description : A vulnerability was found in Portabilis i-Educar 2.9. It has been classified as problematic. Affected is an unknown function of the file /intranet/educar_funcao_lst.php. The manipulation of the argument nm_funcao/abreviatura leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-52279
Published : Aug. 3, 2025, 10:15 a.m. | 1 day ago
Description : Improper Input Validation vulnerability in Apache Zeppelin. The fix for JDBC URL validation in CVE-2024-31864 did not account for URL encoded input.
This issue affects Apache Zeppelin: from 0.11.1 before 0.12.0.
Users are recommended to upgrade to version 0.12.0, which fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-41177
Published : Aug. 3, 2025, 10:15 a.m. | 23 hours, 24 minutes ago
Description : Incomplete Blacklist to Cross-Site Scripting vulnerability in Apache Zeppelin.
This issue affects Apache Zeppelin: before 0.12.0.
Users are recommended to upgrade to version 0.12.0, which fixes the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8506
Published : Aug. 3, 2025, 9:15 a.m. | 1 day ago
Description : A vulnerability was found in 495300897 wx-shop up to de1b66331368695779cfc6e4d11a64caddf8716e and classified as problematic. This issue affects some unknown processing of the file /user/editUI. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8505
Published : Aug. 3, 2025, 8:15 a.m. | 1 day, 1 hour ago
Description : A vulnerability has been found in 495300897 wx-shop up to de1b66331368695779cfc6e4d11a64caddf8716e and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8504
Published : Aug. 3, 2025, 8:15 a.m. | 1 day ago
Description : A vulnerability, which was classified as critical, was found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8502 - Code-projects Online Medicine Guide SQL Injection Vulnerability
CVE ID : CVE-2025-8502
Published : Aug. 3, 2025, 7:15 a.m. | 23 hours, 47 minutes ago
Description : A vulnerability classified as critical was found in code-projects Online Medicine Guide 1.0. Affected by this vulnerability is an unknown functionality of the file /changepass.php. The manipulation of the argument ups leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8503 - Code-projects Online Medicine Guide SQL Injection Vulnerability
CVE ID : CVE-2025-8503
Published : Aug. 3, 2025, 7:15 a.m. | 23 hours, 47 minutes ago
Description : A vulnerability, which was classified as critical, has been found in code-projects Online Medicine Guide 1.0. Affected by this issue is some unknown functionality of the file /adaddmed.php. The manipulation of the argument mname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8501 - Human Resource Integrated System Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-8501
Published : Aug. 3, 2025, 6:15 a.m. | 1 day ago
Description : A vulnerability classified as problematic has been found in code-projects Human Resource Integrated System 1.0. Affected is an unknown function of the file /insert-and-view/action.php. The manipulation of the argument content leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8499 - Code-Projects Online Medicine Guide SQL Injection Vulnerability
CVE ID : CVE-2025-8499
Published : Aug. 3, 2025, 5:15 a.m. | 1 day, 1 hour ago
Description : A vulnerability was found in code-projects Online Medicine Guide 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cusfindambulence2.php. The manipulation of the argument Search leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8500 - Code-projects Human Resource Integrated System SQL Injection Vulnerability
CVE ID : CVE-2025-8500
Published : Aug. 3, 2025, 5:15 a.m. | 1 day, 1 hour ago
Description : A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insert-and-view/action.php. The manipulation of the argument content leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8498 - Code-projects Online Medicine Guide SQL Injection Vulnerability
CVE ID : CVE-2025-8498
Published : Aug. 3, 2025, 4:15 a.m. | 1 day, 2 hours ago
Description : A vulnerability was found in code-projects Online Medicine Guide 1.0. It has been classified as critical. This affects an unknown part of the file /cart/index.php. The manipulation of the argument uname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8497 - Code-projects Online Medicine Guide SQL Injection Vulnerability
CVE ID : CVE-2025-8497
Published : Aug. 3, 2025, 4:15 a.m. | 1 day ago
Description : A vulnerability was found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /cusfindphar2.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52131
Published : Aug. 3, 2025, 4:15 a.m. | 20 hours, 51 minutes ago
Description : The Mocca Calendar application before 2.15 for XWiki allows XSS via the background or text color field.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52132
Published : Aug. 3, 2025, 4:15 a.m. | 20 hours, 51 minutes ago
Description : The Mocca Calendar application before 2.15 for XWiki allows XSS via a title to the view event page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52133
Published : Aug. 3, 2025, 4:15 a.m. | 20 hours, 51 minutes ago
Description : The Mocca Calendar application before 2.15 for XWiki allows XSS via a title upon calendar import.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8496 - Projectworlds Online Admission System SQL Injection Vulnerability
CVE ID : CVE-2025-8496
Published : Aug. 3, 2025, 4:15 a.m. | 20 hours, 51 minutes ago
Description : A vulnerability has been found in projectworlds Online Admission System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /viewform.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8495 - Code-projects Intern Membership Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8495
Published : Aug. 3, 2025, 2:15 a.m. | 14 hours, 33 minutes ago
Description : A vulnerability, which was classified as critical, was found in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the file /admin/edit_admin_query.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54351
Published : Aug. 3, 2025, 2:15 a.m. | 12 hours, 51 minutes ago
Description : In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv).
Severity: 8.9 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54349
Published : Aug. 3, 2025, 2:15 a.m. | 11 hours, 22 minutes ago
Description : In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54350
Published : Aug. 3, 2025, 2:15 a.m. | 11 hours, 22 minutes ago
Description : In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54955
Published : Aug. 3, 2025, 12:15 a.m. | 12 hours, 27 minutes ago
Description : OpenNebula Community Edition (CE) before 7.0.0 and Enterprise Edition (EE) before 6.10.3 have a critical FireEdge race condition that can lead to full account takeover. By exploiting this, an unauthenticated attacker can obtain a valid JSON Web Token (JWT) belonging to a legitimate user without knowledge of their credentials.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8494 - Code-projects Intern Membership Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8494
Published : Aug. 3, 2025, 12:15 a.m. | 12 hours, 27 minutes ago
Description : A vulnerability, which was classified as critical, has been found in code-projects Intern Membership Management System 1.0. This issue affects some unknown processing of the file /admin/delete_student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23290 - NVIDIA vGPU Information Disclosure Vulnerability
CVE ID : CVE-2025-23290
Published : Aug. 2, 2025, 11:15 p.m. | 11 hours, 26 minutes ago
Description : NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a guest could get global GPU metrics which may be influenced by work in other VMs. A successful exploit of this vulnerability might lead to information disclosure.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8493 - Code-projects Intern Membership Management System SQL Injection Vulnerability
CVE ID : CVE-2025-8493
Published : Aug. 2, 2025, 11:15 p.m. | 11 hours, 26 minutes ago
Description : A vulnerability classified as critical was found in code-projects Intern Membership Management System 1.0. This vulnerability affects unknown code of the file /admin/edit_student_query.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-32253 - Linux Kernel ksmbd Deadlock Denial of Service Vulnerability
CVE ID : CVE-2023-32253
Published : Aug. 2, 2025, 11:15 p.m. | 9 hours, 51 minutes ago
Description : A flaw was found in the Linux kernel's ksmbd component. A deadlock is triggered by sending multiple concurrent session setup requests, possibly leading to a denial of service.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-32255 - Linux Kernel ksmbd NTLMSSP Memory Leak
CVE ID : CVE-2023-32255
Published : Aug. 2, 2025, 11:15 p.m. | 9 hours, 51 minutes ago
Description : A flaw was found in the Linux kernel's ksmbd component. A memory leak can occur if a client sends a session setup request with an unknown NTLMSSP message type, potentially leading to resource exhaustion.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23284
Published : Aug. 2, 2025, 11:15 p.m. | 9 hours, 51 minutes ago
Description : NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause a stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23285
Published : Aug. 2, 2025, 11:15 p.m. | 9 hours, 51 minutes ago
Description : NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where it allows a guest to access global resources. A successful exploit of this vulnerability might lead to denial of service.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23283
Published : Aug. 2, 2025, 10:15 p.m. | 8 hours, 50 minutes ago
Description : NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23286
Published : Aug. 2, 2025, 10:15 p.m. | 8 hours, 50 minutes ago
Description : NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability where an attacker could read invalid memory. A successful exploit of this vulnerability might lead to information disclosure.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23287 - NVIDIA GPU Display Driver Windows Information Disclosure
CVE ID : CVE-2025-23287
Published : Aug. 2, 2025, 10:15 p.m. | 8 hours, 50 minutes ago
Description : NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may access sensitive system-level information. A successful exploit of this vulnerability may lead to Information disclosure.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23288 - NVIDIA GPU Display Driver for Windows Information Disclosure
CVE ID : CVE-2025-23288
Published : Aug. 2, 2025, 10:15 p.m. | 8 hours, 50 minutes ago
Description : NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may cause an exposure of sensitive system information with local unprivileged system access. A successful exploit of this vulnerability may lead to Information disclosure.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23278 - NVIDIA Display Driver Index Validation Vulnerability
CVE ID : CVE-2025-23278
Published : Aug. 2, 2025, 10:15 p.m. | 6 hours, 50 minutes ago
Description : NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker might cause an improper index validation by issuing a call with crafted parameters. A successful exploit of this vulnerability might lead to data tampering or denial of service.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23279 - NVIDIA run Installer Privilege Escalation Vulnerability
CVE ID : CVE-2025-23279
Published : Aug. 2, 2025, 10:15 p.m. | 6 hours, 50 minutes ago
Description : NVIDIA .run Installer for Linux and Solaris contains a vulnerability where an attacker could use a race condition to escalate privileges. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, denial of service, or data tampering.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23281 - NVIDIA GPU Display Driver for Windows Use-After-Free Vulnerability
CVE ID : CVE-2025-23281
Published : Aug. 2, 2025, 10:15 p.m. | 6 hours, 50 minutes ago
Description : NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker with local unprivileged access that can win a race condition might be able to trigger a use-after-free error. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or information disclosure.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23276 - NVIDIA Installer for Windows Privilege Escalation Vulnerability
CVE ID : CVE-2025-23276
Published : Aug. 2, 2025, 10:15 p.m. | 4 hours, 50 minutes ago
Description : NVIDIA Installer for Windows contains a vulnerability where an attacker may be able to escalate privileges. A successful exploit of this vulnerability may lead to escalation of privileges, denial of service, code execution, information disclosure and data tampering.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-23277
Published : Aug. 2, 2025, 10:15 p.m. | 4 hours, 50 minutes ago
Description : NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver, where an attacker could access memory outside bounds permitted under normal use cases. A successful exploit of this vulnerability might lead to denial of service, data tampering, or information disclosure.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8471 - Projectworlds Online Admission System SQL Injection
CVE ID : CVE-2025-8471
Published : Aug. 2, 2025, 7:15 p.m. | 7 hours, 51 minutes ago
Description : A vulnerability, which was classified as critical, has been found in projectworlds Online Admission System 1.0. This issue affects some unknown processing of the file /adminlogin.php. The manipulation of the argument a_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8470 - SourceCodester Online Hotel Reservation System SQL Injection Vulnerability
CVE ID : CVE-2025-8470
Published : Aug. 2, 2025, 6:15 p.m. | 8 hours, 50 minutes ago
Description : A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /admin/deleteroom.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8469 - SourceCodester Online Hotel Reservation System SQL Injection Vulnerability
CVE ID : CVE-2025-8469
Published : Aug. 2, 2025, 5:15 p.m. | 9 hours, 50 minutes ago
Description : A vulnerability classified as critical has been found in SourceCodester Online Hotel Reservation System 1.0. This affects an unknown part of the file /admin/deletegallery.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8468 - Code-projects Wazifa System SQL Injection Vulnerability
CVE ID : CVE-2025-8468
Published : Aug. 2, 2025, 3:15 p.m. | 11 hours, 50 minutes ago
Description : A vulnerability was found in code-projects Wazifa System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /controllers/reset.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7500
Published : Aug. 2, 2025, 12:15 p.m. | 13 hours, 21 minutes ago
Description : The Ocean Social Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via social icon titles in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7710
Published : Aug. 2, 2025, 12:15 p.m. | 13 hours, 21 minutes ago
Description : The Brave Conversion Engine (PRO) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 0.7.7. This is due to the plugin not properly restricting a claimed identity while authenticating with Facebook. This makes it possible for unauthenticated attackers to log in as other users, including administrators.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8467 - Code-Projects Wazifa System SQL Injection Vulnerability
CVE ID : CVE-2025-8467
Published : Aug. 2, 2025, 11:15 a.m. | 14 hours, 21 minutes ago
Description : A vulnerability was found in code-projects Wazifa System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /controllers/regcontrol.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8488 - Elementor Header Footer Builder Unauthorized Data Modification Vulnerability
CVE ID : CVE-2025-8488
Published : Aug. 2, 2025, 10:15 a.m. | 15 hours, 21 minutes ago
Description : The Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_hfe_compatibility_option_callback ()function in all versions up to, and including, 2.4.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the compatibility option setting.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6722
Published : Aug. 2, 2025, 10:15 a.m. | 12 hours, 30 minutes ago
Description : The BitFire Security – Firewall, WAF, Bot/Spam Blocker, Login Security plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5 via the bitfire_* directory that automatically gets created and stores potentially sensitive files without any access restrictions. This makes it possible for unauthenticated attackers to extract sensitive data from various files like config.ini, debug.log, and more.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6832 - WordPress All in One Time Clock Lite Reflected Cross-Site Scripting
CVE ID : CVE-2025-6832
Published : Aug. 2, 2025, 9:15 a.m. | 13 hours, 30 minutes ago
Description : The All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'nonce' parameter in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8391 - WordPress Magic Edge Lite Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-8391
Published : Aug. 2, 2025, 9:15 a.m. | 13 hours, 29 minutes ago
Description : The Magic Edge – Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘height’ parameter in all versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8399
Published : Aug. 2, 2025, 9:15 a.m. | 13 hours, 29 minutes ago
Description : The Mmm Unity Loader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘attributes’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8400
Published : Aug. 2, 2025, 9:15 a.m. | 13 hours, 29 minutes ago
Description : The Image Gallery plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8466 - Code-projects Online Farm System SQL Injection
CVE ID : CVE-2025-8466
Published : Aug. 2, 2025, 9:15 a.m. | 13 hours, 29 minutes ago
Description : A vulnerability was found in code-projects Online Farm System 1.0. It has been classified as critical. Affected is an unknown function of the file /forgot_passfarmer.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8212 - Elementor Medical Addon Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-8212
Published : Aug. 2, 2025, 8:15 a.m. | 14 hours, 30 minutes ago
Description : The Medical Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typewriter widget in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8317 - WordPress Custom Word Cloud Stored Cross-Site Scripting
CVE ID : CVE-2025-8317
Published : Aug. 2, 2025, 8:15 a.m. | 14 hours, 30 minutes ago
Description : The Custom Word Cloud plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘angle’ parameter in all versions up to, and including, 0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4588
Published : Aug. 2, 2025, 8:15 a.m. | 13 hours, 21 minutes ago
Description : The 360 Photo Spheres plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sphere' shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6626
Published : Aug. 2, 2025, 8:15 a.m. | 13 hours, 21 minutes ago
Description : The ShortPixel Adaptive Images – WebP, AVIF, CDN, Image Optimization plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the API URL Setting in all versions up to, and including, 3.10.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6754 - "WordPress SEO Metrics Privilege Escalation"
CVE ID : CVE-2025-6754
Published : Aug. 2, 2025, 8:15 a.m. | 13 hours, 21 minutes ago
Description : The SEO Metrics plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization checks in both the seo_metrics_handle_connect_button_click() AJAX handler and the seo_metrics_handle_custom_endpoint() function in versions 1.0.5 through 1.0.15. Because the AJAX action only verifies a nonce, without checking the caller’s capabilities, a subscriber-level user can retrieve the token and then access the custom endpoint to obtain full administrator cookies.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8152 - WordPress WP CTA - Call To Action Plugin Unauthenticated Data Modification Vulnerability
CVE ID : CVE-2025-8152
Published : Aug. 2, 2025, 8:15 a.m. | 13 hours, 21 minutes ago
Description : The WP CTA – Call To Action Plugin, Sticky CTA, Sticky Buttons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'update_cta_status' and 'change_sticky_sidebar_name' functions in all versions up to, and including, 1.7.0. This makes it possible for unauthenticated attackers to update the status of a sticky and update the name displayed in the back-end WP CTA Dashboard.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8146 - "Qi Addons For Elementor Stored Cross-Site Scripting"
CVE ID : CVE-2025-8146
Published : Aug. 2, 2025, 5:15 a.m. | 16 hours, 21 minutes ago
Description : The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's TypeOut Text widget in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7694
Published : Aug. 2, 2025, 4:15 a.m. | 17 hours, 20 minutes ago
Description : The Woffice Core plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the woffice_file_manager_delete() function in all versions up to, and including, 5.4.26. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6076 - Partner Software's Partner Software and Partner Web application File Upload Privilege Escalation
CVE ID : CVE-2025-6076
Published : Aug. 2, 2025, 3:15 a.m. | 18 hours, 21 minutes ago
Description : Partner Software's Partner Software application and Partner Web application do not sanitize files uploaded on the "reports" tab, allowing an authenticated attacker to upload a malicious file and compromise the device. By default, the software runs as SYSTEM, heightening the severity of the vulnerability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6077 - Partner Software's Partner Software Product and Web Application Default Administrator Credentials Vulnerability
CVE ID : CVE-2025-6077
Published : Aug. 2, 2025, 3:15 a.m. | 18 hours, 21 minutes ago
Description : Partner Software's Partner Software Product and corresponding Partner Web application use the same default username and password for the administrator account across all versions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6078
Published : Aug. 2, 2025, 3:15 a.m. | 18 hours, 21 minutes ago
Description : Partner Software's Partner Software application and Partner Web application allows an authenticated user to add notes on the 'Notes' page when viewing a job but does not completely sanitize input, making it possible to add notes with HTML tags and JavaScript, enabling an attacker to add a note containing malicious JavaScript, leading to stored XSS (cross-site scripting).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54796 - Copyparty Denial of Service (DoS) Regular Expression Injection
CVE ID : CVE-2025-54796
Published : Aug. 2, 2025, 12:15 a.m. | 18 hours, 29 minutes ago
Description : Copyparty is a portable file server. Versions prior to 1.18.9, the filter parameter for the "Recent Uploads" page allows arbitrary RegExes. If this feature is enabled (which is the default), an attacker can craft a filter which deadlocks the server. This is fixed in version 1.18.9.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54790
Published : Aug. 2, 2025, 12:15 a.m. | 17 hours, 20 minutes ago
Description : Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, Files does not have logic to prevent the exploitation of backend SQL queries without direct output, potentially allowing unauthorized data access. This is fixed in version 0.16.10.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54789
Published : Aug. 2, 2025, 12:15 a.m. | 16 hours, 10 minutes ago
Description : Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, the File Move functionality does not contain logic that prevents injection of arbitrary JavaScript, which can lead to Browser JS code execution in the context of the user’s session. This is fixed in version 0.16.10.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54782
Published : Aug. 2, 2025, 12:15 a.m. | 14 hours, 9 minutes ago
Description : Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution (RCE) vulnerability was discovered in the @nestjs/devtools-integration package. When enabled, the package exposes a local development HTTP server with an API endpoint that uses an unsafe JavaScript sandbox (safe-eval-like implementation). Due to improper sandboxing and missing cross-origin protections, any malicious website visited by a developer can execute arbitrary code on their local machine. The package adds HTTP endpoints to a locally running NestJS development server. One of these endpoints, /inspector/graph/interact, accepts JSON input containing a code field and executes the provided code in a Node.js vm.runInNewContext sandbox. This is fixed in version 0.2.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54386
Published : Aug. 2, 2025, 12:15 a.m. | 12 hours, 8 minutes ago
Description : Traefik is an HTTP reverse proxy and load balancer. In versions 2.11.27 and below, 3.0.0 through 3.4.4 and 3.5.0-rc1, a path traversal vulnerability was discovered in WASM Traefik’s plugin installation mechanism. By supplying a maliciously crafted ZIP archive containing file paths with ../ sequences, an attacker can overwrite arbitrary files on the system outside of the intended plugin directory. This can lead to remote code execution (RCE), privilege escalation, persistence, or denial of service. This is fixed in versions 2.11.28, 3.4.5 and 3.5.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54781 - Microsoft Azure Entra ID/Intune Token Leak Vulnerability
CVE ID : CVE-2025-54781
Published : Aug. 2, 2025, 12:15 a.m. | 12 hours, 8 minutes ago
Description : Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. When debugging is enabled for Himmelblau in version 1.0.0, the himmelblaud_tasks service leaks an Intune service access token to the system journal. This short-lived token can be used to detect the host's Intune compliance status, and may permit additional administrative operations for the Intune host device (though the API for these operations is undocumented). This is fixed in version 1.1.0. To workaround this issue, ensure that Himmelblau debugging is disabled.
Severity: 2.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54133 - Cursor Model Context Protocol (MCP) UI Information Disclosure Vulnerability
CVE ID : CVE-2025-54133
Published : Aug. 2, 2025, 12:15 a.m. | 10 hours, 6 minutes ago
Description : Cursor is a code editor built for programming with AI. In versions 1.17 through 1.2, there is a UI information disclosure vulnerability in Cursor's MCP (Model Context Protocol) deeplink handler, allowing attackers to execute 2-click arbitrary system commands through social engineering attacks. When users click malicious `cursor://anysphere.cursor-deeplink/mcp/install` links, the installation dialog does not show the arguments being passed to the command being run. If a user clicks a malicious deeplink, then examines the installation dialog and clicks through, the full command including the arguments will be executed on the machine. This is fixed in version 1.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54136
Published : Aug. 2, 2025, 12:15 a.m. | 10 hours, 6 minutes ago
Description : Cursor is a code editor built for programming with AI. In versions 1.2.4 and below, attackers can achieve remote and persistent code execution by modifying an already trusted MCP configuration file inside a shared GitHub repository or editing the file locally on the target's machine. Once a collaborator accepts a harmless MCP, the attacker can silently swap it for a malicious command (e.g., calc.exe) without triggering any warning or re-prompt. If an attacker has write permissions on a user's active branches of a source repository that contains existing MCP servers the user has previously approved, or allows an attacker has arbitrary file-write locally, the attacker can achieve arbitrary code execution. This is fixed in version 1.3.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54792
Published : Aug. 1, 2025, 11:15 p.m. | 11 hours, 6 minutes ago
Description : LocalSend is an open-source app to securely share files and messages with nearby devices over local networks without needing an internet connection. In versions 1.16.1 and below, a critical Man-in-the-Middle (MitM) vulnerability in the software's discovery protocol allows an unauthenticated attacker on the same local network to impersonate legitimate devices, silently intercepting, reading, and modifying any file transfer. This can be used to steal sensitive data or inject malware, like ransomware, into files shared between trusted users. The attack is hardly detectable and easy to implement, posing a severe and immediate security risk. This issue was fixed in version 1.17.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54131
Published : Aug. 1, 2025, 11:15 p.m. | 9 hours, 50 minutes ago
Description : Cursor is a code editor built for programming with AI. In versions below 1.3, an attacker can bypass the allow list in auto-run mode with a backtick (`) or $(cmd). If a user has swapped Cursor from its default settings (requiring approval for every terminal call) to an allowlist, an attacker can execute arbitrary command execution outside of the allowlist without user approval. An attacker can trigger this vulnerability if chained with indirect prompt injection. This is fixed in version 1.3.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54132
Published : Aug. 1, 2025, 11:15 p.m. | 9 hours, 50 minutes ago
Description : Cursor is a code editor built for programming with AI. In versions below 1.3, Mermaid (which is used to render diagrams) allows embedding images which then get rendered by Cursor in the chat box. An attacker can use this to exfiltrate sensitive information to a third-party attacker controlled server through an image fetch after successfully performing a prompt injection. A malicious model (or hallucination/backdoor) might also trigger this exploit at will. This issue requires prompt injection from malicious data (web, image upload, source code) in order to exploit. In that case, it can send sensitive information to an attacker-controlled external server. This is fixed in version 1.3.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54424
Published : Aug. 1, 2025, 11:15 p.m. | 9 hours, 50 minutes ago
Description : 1Panel is a web interface and MCP Server that manages websites, files, containers, databases, and LLMs on a Linux server. In versions 2.0.5 and below, the HTTPS protocol used for communication between the Core and Agent endpoints has incomplete certificate verification during certificate validation, leading to unauthorized interface access. Due to the presence of numerous command execution or high-privilege interfaces in 1Panel, this results in Remote Code Execution (RCE). This is fixed in version 2.0.6. The CVE has been translated from Simplified Chinese using GitHub Copilot.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-13978
Published : Aug. 1, 2025, 10:15 p.m. | 10 hours, 50 minutes ago
Description : A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation appears to be difficult. The patch is named 2ebfffb0e8836bfb1cd7d85c059cd285c59761a4. It is recommended to apply a patch to fix this issue.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10063
Published : Aug. 1, 2025, 9:15 p.m. | 11 hours, 50 minutes ago
Description : A path traversal vulnerability exists in the Netgear SPH200D Skype phone firmware versions <= 1.0.4.80 in its embedded web server. Authenticated attackers can exploit crafted GET requests to access arbitrary files outside the web root by injecting traversal sequences. This can expose sensitive system files and configuration data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10057 - Synactis PDF In-The-Box ActiveX Control Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2013-10057
Published : Aug. 1, 2025, 9:15 p.m. | 9 hours, 50 minutes ago
Description : A stack-based buffer overflow vulnerability exists in Synactis PDF In-The-Box ActiveX control (PDF_IN_1.ocx), specifically the ConnectToSynactis method. When a long string is passed to this method—intended to populate the ldCmdLine argument of a WinExec call—a strcpy operation overwrites a saved TRegistry class pointer on the stack. This allows remote attackers to execute arbitrary code in the context of the user by enticing them to visit a malicious webpage that instantiates the vulnerable ActiveX control. The vulnerability was discovered via its use in third-party software such as Logic Print 2013.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10058 - Linksys Router OS Command Injection Vulnerability
CVE ID : CVE-2013-10058
Published : Aug. 1, 2025, 9:15 p.m. | 9 hours, 50 minutes ago
Description : An authenticated OS command injection vulnerability exists in various Linksys router models (tested on WRT160Nv2) running firmware version v2.0.03 via the apply.cgi endpoint. The web interface fails to properly sanitize user-supplied input passed to the ping_size parameter during diagnostic operations. An attacker with valid credentials can inject arbitrary shell commands, enabling remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10059 - D-Link Router OS Command Injection Vulnerability
CVE ID : CVE-2013-10059
Published : Aug. 1, 2025, 9:15 p.m. | 9 hours, 50 minutes ago
Description : An authenticated OS command injection vulnerability exists in various D-Link routers (tested on DIR-615H1 running firmware version 8.04) via the tools_vct.htm endpoint. The web interface fails to sanitize input passed from the ping_ipaddr parameter to the tools_vct.htm diagnostic interface, allowing attackers to inject arbitrary shell commands using backtick encapsulation. With default credentials, an attacker can exploit this blind injection vector to execute arbitrary commands.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10060 - Netgear Router OS Command Injection Vulnerability
CVE ID : CVE-2013-10060
Published : Aug. 1, 2025, 9:15 p.m. | 9 hours, 50 minutes ago
Description : An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN2200B model) firmware versions 1.0.0.36 and prior via the pppoe.cgi endpoint. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the pppoe_username parameter. This flaw allows full compromise of the device and may persist across reboots unless configuration is restored.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10061 - Netgear Router OS Command Injection Vulnerability
CVE ID : CVE-2013-10061
Published : Aug. 1, 2025, 9:15 p.m. | 9 hours, 50 minutes ago
Description : An authenticated OS command injection vulnerability exists in Netgear routers (tested on the DGN1000B model firmware versions 1.1.00.24 and 1.1.00.45) via the TimeToLive parameter in the setup.cgi endpoint. The vulnerability arises from improper input neutralization, enabling command injection through crafted POST requests. This flaw enables remote attackers to deploy payloads or manipulate system state post-authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10062
Published : Aug. 1, 2025, 9:15 p.m. | 9 hours, 50 minutes ago
Description : A directory traversal vulnerability exists in Linksys router's web interface (tested on the E1500 model firmware versions 1.0.00, 1.0.04, and 1.0.05), specifically in the /apply.cgi endpoint. Authenticated attackers can exploit the next_page POST parameter to access arbitrary files outside the intended web root by injecting traversal sequences. This allows exposure of sensitive system files and configuration data.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10053
Published : Aug. 1, 2025, 9:15 p.m. | 7 hours, 1 minute ago
Description : A remote command execution vulnerability exists in ZPanel version 10.0.0.2 in its htpasswd module. When creating .htaccess files, the inHTUsername field is passed unsanitized to a system() call that invokes the system’s htpasswd binary. By injecting shell metacharacters into the username field, an authenticated attacker can execute arbitrary system commands. Exploitation requires a valid ZPanel account—such as one in the default Users, Resellers, or Administrators groups—but no elevated privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10055
Published : Aug. 1, 2025, 9:15 p.m. | 7 hours, 1 minute ago
Description : An unauthenticated arbitrary file upload vulnerability exists in Havalite CMS version 1.1.7 (and possibly earlier) in the upload.php script. The application fails to enforce proper file extension validation and authentication checks, allowing remote attackers to upload malicious PHP files via a crafted multipart/form-data POST request. Once uploaded, the attacker can access the file directly under havalite/tmp/files/, resulting in remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10049 - Raidsonic NAS Command Injection Vulnerability
CVE ID : CVE-2013-10049
Published : Aug. 1, 2025, 9:15 p.m. | 5 hours, 50 minutes ago
Description : An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically tested on IB-NAS5220 and IB-NAS4220—via the unauthenticated timeHandler.cgi endpoint exposed through the web interface. The CGI script fails to properly sanitize user-supplied input in the timeZone parameter of a POST request, allowing remote attackers to inject arbitrary shell commands.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10050 - D-Link Router OS Command Injection Vulnerability
CVE ID : CVE-2013-10050
Published : Aug. 1, 2025, 9:15 p.m. | 5 hours, 50 minutes ago
Description : An OS command injection vulnerability exists in multiple D-Link routers—confirmed on DIR-300 rev A (v1.05) and DIR-615 rev D (v4.13)—via the authenticated tools_vct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing attackers with valid credentials to inject arbitrary shell commands. Exploitation enables full device compromise, including spawning a telnet daemon and establishing a root shell. The vulnerability is present in firmware versions that expose tools_vct.xgi and use the Mathopd/1.5p6 web server. No vendor patch is available, and affected models are end-of-life.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10051
Published : Aug. 1, 2025, 9:15 p.m. | 5 hours, 50 minutes ago
Description : A remote PHP code execution vulnerability exists in InstantCMS version 1.6 and earlier due to unsafe use of eval() within the search view handler. Specifically, user-supplied input passed via the look parameter is concatenated into a PHP expression and executed without proper sanitation. A remote attacker can exploit this flaw by sending a crafted HTTP GET request with a base64-encoded payload in the Cmd header, resulting in arbitrary PHP code execution within the context of the web server.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2012-10022
Published : Aug. 1, 2025, 9:15 p.m. | 1 hour, 29 minutes ago
Description : Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that allow local privilege escalation from uid 48. The lxsuexec binary performs a uid check and permits execution of arbitrary commands as root if the invoking user matches uid 48. This flaw enables attackers with Apache-level access to escalate privileges to root without authentication.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10044 - OpenEMR SQL Injection and Unrestricted File Upload Vulnerability
CVE ID : CVE-2013-10044
Published : Aug. 1, 2025, 9:15 p.m. | 1 hour, 29 minutes ago
Description : An authenticated SQL injection vulnerability exists in OpenEMR ≤ 4.1.1 Patch 14 that allows a low-privileged attacker to extract administrator credentials and subsequently escalate privileges. Once elevated, the attacker can exploit an unrestricted file upload flaw to achieve remote code execution, resulting in full compromise of the application and its host system.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10046 - Agnitum Outpost Internet Security Named Pipe Privilege Escalation Vulnerability
CVE ID : CVE-2013-10046
Published : Aug. 1, 2025, 9:15 p.m. | 1 hour, 29 minutes ago
Description : A local privilege escalation vulnerability exists in Agnitum Outpost Internet Security 8.1 that allows an unprivileged user to execute arbitrary code with SYSTEM privileges. The flaw resides in the acs.exe component, which exposes a named pipe that accepts unauthenticated commands. By exploiting a directory traversal weakness in the pipe protocol, an attacker can instruct the service to load a malicious DLL from a user-controlled location. The DLL is then executed in the context of the privileged service.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10047 - MiniWeb HTTP Server Unrestricted File Upload and Privilege Escalation Vulnerability
CVE ID : CVE-2013-10047
Published : Aug. 1, 2025, 9:15 p.m. | 1 hour, 29 minutes ago
Description : An unrestricted file upload vulnerability exists in MiniWeb HTTP Server <= Build 300 that allows unauthenticated remote attackers to upload arbitrary files to the server’s filesystem. By abusing the upload handler and crafting a traversal path, an attacker can place a malicious .exe in system32, followed by a .mof file in the WMI directory. This triggers execution of the payload with SYSTEM privileges via the Windows Management Instrumentation service. The exploit is only viable on Windows versions prior to Vista.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10048 - D-Link Router OS Command Injection Vulnerability
CVE ID : CVE-2013-10048
Published : Aug. 1, 2025, 9:15 p.m. | 1 hour, 29 minutes ago
Description : An OS command injection vulnerability exists in various legacy D-Link routers—including DIR-300 rev B and DIR-600 (firmware ≤ 2.13 and ≤ 2.14b01, respectively)—due to improper input handling in the unauthenticated command.php endpoint. By sending specially crafted POST requests, a remote attacker can execute arbitrary shell commands with root privileges, allowing full takeover of the device. This includes launching services such as Telnet, exfiltrating credentials, modifying system configuration, and disrupting availability. The flaw stems from the lack of authentication and inadequate sanitation of the cmd parameter.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8472
Published : Aug. 1, 2025, 6:15 p.m. | 4 hours, 28 minutes ago
Description : Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device.
The specific flaw exists within the parsing of vCard data. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-26316.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8473
Published : Aug. 1, 2025, 6:15 p.m. | 4 hours, 28 minutes ago
Description : Alpine iLX-507 UPDM_wstpCBCUpdStart Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the UPDM_wstpCBCUpdStart function. The issue results from the lack of proper validation of user-supplied data before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26317.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8474
Published : Aug. 1, 2025, 6:15 p.m. | 4 hours, 28 minutes ago
Description : Alpine iLX-507 CarPlay Stack-based Buffer Overflow Code Execution Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the implementation of the Apple CarPlay protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26318.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8475
Published : Aug. 1, 2025, 6:15 p.m. | 4 hours, 28 minutes ago
Description : Alpine iLX-507 AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device.
The specific flaw exists within the implementation of the AVRCP protocol. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26321.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8476
Published : Aug. 1, 2025, 6:15 p.m. | 4 hours, 28 minutes ago
Description : Alpine iLX-507 TIDAL Improper Certificate Validation Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the TIDAL music streaming application. The issue results from improper certificate validation. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-26322.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8477
Published : Aug. 1, 2025, 6:15 p.m. | 4 hours, 28 minutes ago
Description : Alpine iLX-507 vCard Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Alpine iLX-507 devices. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device.
The specific flaw exists within the parsing of vCard data. The issue results from the lack of proper validation of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-26324.
Severity: 7.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8480
Published : Aug. 1, 2025, 6:15 p.m. | 4 hours, 28 minutes ago
Description : Alpine iLX-507 Command Injection Remote Code Execution. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine iLX-507 devices. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the Tidal music streaming application. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-26357.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6037
Published : Aug. 1, 2025, 6:15 p.m. | 4 hours ago
Description : Vault and Vault Enterprise (“Vault”) TLS certificate auth method did not correctly validate client certificates when configured with a non-CA certificate as [+trusted certificate+|https://developer.hashicorp.com/vault/api-docs/auth/cert#certificate]. In this configuration, an attacker may be able to craft a malicious certificate that could be used to impersonate another user. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
Severity: 6.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50869
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : A stored Cross-Site Scripting (XSS) vulnerability exists in the qureydetails.php page of Institute-of-Current-Students 1.0, where the input fields for Query and Answer do not properly sanitize user input. Authenticated users can inject arbitrary JavaScript code.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50870 - Institute-of-Current-Students Student Information Disclosure via Incorrect Access Control
CVE ID : CVE-2025-50870
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : Institute-of-Current-Students 1.0 is vulnerable to Incorrect Access Control in the mydetailsstudent.php endpoint. The myds GET parameter accepts an email address as input and directly returns the corresponding student's personal information without validating the identity or permissions of the requesting user. This allows any authenticated or unauthenticated attacker to enumerate and retrieve sensitive student details by altering the email value in the request URL, leading to information disclosure.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53009
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In versions 1.39.2 and below, when parsing an MTLX file with multiple nested nodegraph implementations, the MaterialX XML parsing logic can potentially crash due to stack exhaustion. An attacker could intentionally crash a target program that uses OpenEXR by sending a malicious MTLX file. This is fixed in version 1.39.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53010 - MaterialX Null Pointer Dereference Denial of Service
CVE ID : CVE-2025-53010
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously crafted files. An attacker could intentionally crash a target program that uses OpenEXR by sending a malicious MTLX file. This is fixed in version 1.39.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53011
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously crafted files. An attacker could intentionally crash a target program that uses MaterialX by sending a malicious MTLX file. This is fixed in version 1.39.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-53012
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, nested imports of MaterialX files can lead to a crash via stack memory exhaustion, due to the lack of a limit on the "import chain" depth. When parsing file imports, recursion is used to process nested files; however, there is no limit imposed to the depth of files that can be parsed by the library. By building a sufficiently deep chain of MaterialX files one referencing the next, it is possible to crash the process using the MaterialX library via stack exhaustion. This is fixed in version 1.39.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54564 - ChargePoint Home Flex Unvalidated Decompression Vulnerability
CVE ID : CVE-2025-54564
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : uploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2 decompression, which allows command execution as the nobody user.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54574
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : Squid is a caching proxy for the Web. In versions 6.3 and below, Squid is vulnerable to a heap buffer overflow and possible remote code execution attack when processing URN due to incorrect buffer management. This has been fixed in version 6.4. To work around this issue, disable URN access permissions.
Severity: 9.3 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54590
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : webfinger.js is a TypeScript-based WebFinger client that runs in both browsers and Node.js environments. In versions 2.8.0 and below, the lookup function accepts user addresses for account checking. However, the ActivityPub specification requires preventing access to localhost services in production. This library does not prevent localhost access, only checking for hosts that start with "localhost" and end with a port. Users can exploit this by creating servers that send GET requests with controlled host, path, and port parameters to query services on the instance's host or local network, enabling blind SSRF attacks. This is fixed in version 2.8.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54593
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : FreshRSS is a free, self-hostable RSS aggregator. In versions 1.26.1 and below, an authenticated administrator user can execute arbitrary code on the FreshRSS server by modifying the update URL to one they control, and gain code execution after running an update. After successfully executing code, user data including hashed passwords can be exfiltrated, the instance can be defaced when file permissions allow. Malicious code can be inserted into the instance to steal plaintext passwords, among others. This is fixed in version 1.26.2.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54595
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : Pearcleaner is a free, source-available and fair-code licensed mac app cleaner. The PearcleanerHelper is a privileged helper tool bundled with the Pearcleaner application. It is registered and activated only after the user approves a system prompt to allow privileged operations. Upon approval, the helper is configured as a LaunchDaemon and runs with root privileges. In versions 4.4.0 through 4.5.1, the helper registers an XPC service (com.alienator88.Pearcleaner.PearcleanerHelper) and accepts unauthenticated connections from any local process. It exposes a method that executes arbitrary shell commands. This allows any local unprivileged user to escalate privileges to root once the helper is approved and active. This issue is fixed in version 4.5.2.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5999
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : A privileged Vault operator with write permissions to the root namespace’s identity endpoint could escalate their own or another user’s token privileges to Vault’s root policy. Fixed in Vault Community Edition 1.20.0 and Vault Enterprise 1.20.0, 1.19.6, 1.18.11 and 1.16.22.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6000
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : A privileged Vault operator within the root namespace with write permission to {{sys/audit}} may obtain code execution on the underlying host if a plugin directory is set in Vault’s configuration. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6004
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : Vault and Vault Enterprise’s (“Vault”) user lockout feature could be bypassed for Userpass and LDAP authentication methods. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6011 - HashiCorp Vault Userpass Timing Side Channel Disclosure
CVE ID : CVE-2025-6011
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : A timing side channel in Vault and Vault Enterprise’s (“Vault”) userpass auth method allowed an attacker to distinguish between existing and non-existing users, and potentially enumerate valid usernames for Vault’s Userpass auth method. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-6014
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : Vault and Vault Enterprise’s (“Vault”) TOTP Secrets Engine code validation endpoint is susceptible to code reuse within its validity period. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6015 - Vault Two-Factor Authentication Bypass and Token Reuse
CVE ID : CVE-2025-6015
Published : Aug. 1, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : Vault and Vault Enterprise’s (“Vault”) login MFA rate limits could be bypassed and TOTP tokens could be reused. Fixed in Vault Community Edition 1.20.1 and Vault Enterprise 1.20.1, 1.19.7, 1.18.12, and 1.16.23.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-45150
Published : Aug. 1, 2025, 5:15 p.m. | 1 hour ago
Description : Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive files via supplying a crafted request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-45778 - The Language Sloth Web Application Stored XSS
CVE ID : CVE-2025-45778
Published : Aug. 1, 2025, 5:15 p.m. | 1 hour ago
Description : A stored cross-site scripting (XSS) vulnerability in The Language Sloth Web Application v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Description text field.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48074
Published : Aug. 1, 2025, 5:15 p.m. | 1 hour ago
Description : OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance degradation when processing malicious files. This is fixed in version 3.3.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51501
Published : Aug. 1, 2025, 5:15 p.m. | 1 hour ago
Description : Reflected Cross-Site Scripting (XSS) in the id parameter of the live_edit.module_settings API endpoint in Microweber CMS2.0 allows execution of arbitrary JavaScript.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51502
Published : Aug. 1, 2025, 5:15 p.m. | 1 hour ago
Description : Reflected Cross-Site Scripting (XSS) in Microweber CMS 2.0 via the layout parameter on the /admin/page/create page allows arbitrary JavaScript execution in the context of authenticated admin users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-51504 - Microweber CMS Cross Site Scripting (XSS)
CVE ID : CVE-2025-51504
Published : Aug. 1, 2025, 5:15 p.m. | 1 hour ago
Description : Microweber CMS 2.0 is vulnerable to Cross Site Scripting (XSS)in the /projects/profile, homepage endpoint via the last name field.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2019-19144 - Quantum DXi6702 XML External Entity Injection Vulnerability
CVE ID : CVE-2019-19144
Published : Aug. 1, 2025, 4:15 p.m. | 2 hours ago
Description : XML External Entity Injection vulnerability in Quantum DXi6702 2.3.0.3 (11449-53631 Build304) devices via rest/Users?action=authenticate.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-44139 - Emlog Pro File Upload Vulnerability
CVE ID : CVE-2025-44139
Published : Aug. 1, 2025, 4:15 p.m. | 2 hours ago
Description : Emlog Pro V2.5.7 is vulnerable to Unrestricted Upload of File with Dangerous Type via /emlog/admin/plugin.php?action=upload_zip
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50460
Published : Aug. 1, 2025, 4:15 p.m. | 2 hours ago
Description : A remote code execution (RCE) vulnerability exists in the ms-swift project version 3.3.0 due to unsafe deserialization in tests/run.py using yaml.load() from the PyYAML library (versions = 5.3.1). If an attacker can control the content of the YAML configuration file passed to the --run_config parameter, arbitrary code can be executed during deserialization. This can lead to full system compromise. The vulnerability is triggered when a malicious YAML file is loaded, allowing the execution of arbitrary Python commands such as os.system(). It is recommended to upgrade PyYAML to version 5.4 or higher, and to use yaml.safe_load() to mitigate the issue.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50472
Published : Aug. 1, 2025, 4:15 p.m. | 2 hours ago
Description : The modelscope/ms-swift library thru 2.6.1 is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_model_meta()` function of the `ModelFileSystemCache()` class. Attackers can execute arbitrary code and commands by crafting a malicious serialized `.mdl` payload, exploiting the use of `pickle.load()` on data from potentially untrusted sources. This vulnerability allows for remote code execution (RCE) by deceiving victims into loading a seemingly harmless checkpoint during a normal training process, thereby enabling attackers to execute arbitrary code on the targeted machine. Note that the payload file is a hidden file, making it difficult for the victim to detect tampering. More importantly, during the model training process, after the `.mdl` file is loaded and executes arbitrary code, the normal training process remains unaffected'meaning the user remains unaware of the arbitrary code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52327 - Restaurant Order System SQL Injection
CVE ID : CVE-2025-52327
Published : Aug. 1, 2025, 4:15 p.m. | 2 hours ago
Description : SQL Injection vulnerability in Restaurant Order System 1.0 allows a local attacker to obtain sensitive information via the payment.php file
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52361
Published : Aug. 1, 2025, 4:15 p.m. | 2 hours ago
Description : Insecure permissions in the script /etc/init.d/lighttpd in AK-Nord USB-Server-LXL Firmware v0.0.16 Build 2023-03-13 allows a locally authenticated low-privilege user to execute arbitrary commands with root privilege via editing this script which is executed with root-privileges on any interaction and on every system boot.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52390
Published : Aug. 1, 2025, 4:15 p.m. | 2 hours ago
Description : Saurus CMS Community Edition since commit d886e5b0 (2010-04-23) is vulnerable to a SQL Injection vulnerability in the `prepareSearchQuery()` method in `FulltextSearch.class.php`. The application directly concatenates user-supplied input (`$search_word`) into SQL queries without sanitization, allowing attackers to manipulate the SQL logic and potentially extract sensitive information or escalate their privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-45767 - Jose Weak Encryption Vulnerability
CVE ID : CVE-2025-45767
Published : Aug. 1, 2025, 3:15 p.m. | 3 hours ago
Description : jose v6.0.10 was discovered to contain weak encryption.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-44976 - Shunwang Rentdrv2 EDR Process Termination Vulnerability
CVE ID : CVE-2023-44976
Published : Aug. 1, 2025, 2:15 p.m. | 4 hours ago
Description : Hangzhou Shunwang Rentdrv2 before 2024-12-24 allows local users to terminate EDR processes and possibly have unspecified other impact via DeviceIoControl with control code 0x22E010, as exploited in the wild in October 2023.
Severity: 3.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46018 - CSC Pay Mobile App Bluetooth Payment Authorization Bypass Vulnerability
CVE ID : CVE-2025-46018
Published : Aug. 1, 2025, 2:15 p.m. | 4 hours ago
Description : CSC Pay Mobile App 2.19.4 (fixed in version 2.20.0) contains a vulnerability allowing users to bypass payment authorization by disabling Bluetooth at a specific point during a transaction. This could result in unauthorized use of laundry services and potential financial loss.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41370 - Gandia Integra Total TESI SQL Injection Vulnerability
CVE ID : CVE-2025-41370
Published : Aug. 1, 2025, 1:15 p.m. | 5 hours ago
Description : A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb/html/view/acceso.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41371 - Gandia Integra Total TESI SQL Injection
CVE ID : CVE-2025-41371
Published : Aug. 1, 2025, 1:15 p.m. | 5 hours ago
Description : A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb_v4/integra/html/view/acceso.php
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41372 - Gandia Integra Total TESI SQL Injection
CVE ID : CVE-2025-41372
Published : Aug. 1, 2025, 1:15 p.m. | 5 hours ago
Description : A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/informe_campo_entrevistas.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41373 - Gandia Integra Total TESI SQL Injection
CVE ID : CVE-2025-41373
Published : Aug. 1, 2025, 1:15 p.m. | 5 hours ago
Description : A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/hislistadoacciones.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41374 - Gandia Integra Total TESI SQL Injection Vulnerability
CVE ID : CVE-2025-41374
Published : Aug. 1, 2025, 1:15 p.m. | 5 hours ago
Description : A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/hislistadoacciones.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41375 - Gandia Integra Total TESI SQL Injection Vulnerability
CVE ID : CVE-2025-41375
Published : Aug. 1, 2025, 1:15 p.m. | 5 hours ago
Description : A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/consultaincimails.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-41376 - Gandia Integra Total TESI SQL Injection Vulnerability
CVE ID : CVE-2025-41376
Published : Aug. 1, 2025, 1:15 p.m. | 5 hours ago
Description : A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. The vulnerability allows an authenticated attacker to retrieve, create, update and delete databases through the 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/consultacuotasred.php.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-4684
Published : Aug. 1, 2025, 12:15 p.m. | 6 hours ago
Description : The BlockSpare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML attributes of Image Carousel and Image Slider widgets in all versions up to, and including, 3.2.13.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6228 - Sina Extension for Elementor Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-6228
Published : Aug. 1, 2025, 12:15 p.m. | 6 hours ago
Description : The Sina Extension for Elementor (Header Builder, Footer Builter, Theme Builder, Slider, Gallery, Form, Modal, Data Table Free Elementor Widgets & Elementor Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `Sina Posts`, `Sina Blog Post` and `Sina Table` widgets in all versions up to, and including, 3.7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-6398 - ASUS AI Suite 3 Null Pointer Dereference Vulnerability
CVE ID : CVE-2025-6398
Published : Aug. 1, 2025, 9:15 a.m. | 7 hours, 50 minutes ago
Description : A null pointer dereference vulnerability exists in the IOMap64.sys driver of ASUS AI Suite 3. The vulnerability can be triggered by a specially crafted input, which may lead to a system crash (BSOD). Refer to the '
Security Update for for AI Suite 3
' section on the ASUS Security Advisory for more information.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8443 - Code-projects Online Medicine Guide SQL Injection Vulnerability
CVE ID : CVE-2025-8443
Published : Aug. 1, 2025, 9:15 a.m. | 7 hours, 50 minutes ago
Description : A vulnerability was found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument uname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8441 - Code-projects Online Medicine Guide SQL Injection Vulnerability
CVE ID : CVE-2025-8441
Published : Aug. 1, 2025, 8:15 a.m. | 8 hours, 50 minutes ago
Description : A vulnerability, which was classified as critical, was found in code-projects Online Medicine Guide 1.0. Affected is an unknown function of the file /pharsignup.php. The manipulation of the argument phuname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8442 - Code-projects Online Medicine Guide SQL Injection Vulnerability
CVE ID : CVE-2025-8442
Published : Aug. 1, 2025, 8:15 a.m. | 8 hours, 50 minutes ago
Description : A vulnerability has been found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /cussignup.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8438 - Code-Projects Wazifa System SQL Injection Vulnerability
CVE ID : CVE-2025-8438
Published : Aug. 1, 2025, 7:15 a.m. | 9 hours, 50 minutes ago
Description : A vulnerability classified as critical was found in code-projects Wazifa System 1.0. This vulnerability affects unknown code of the file /controllers/postpublish.php. The manipulation of the argument post leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8439 - Wazifa System SQL Injection Vulnerability
CVE ID : CVE-2025-8439
Published : Aug. 1, 2025, 7:15 a.m. | 9 hours, 50 minutes ago
Description : A vulnerability, which was classified as critical, has been found in code-projects Wazifa System 1.0. This issue affects some unknown processing of the file /controllers/updatesettings.php. The manipulation of the argument Password leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7646
Published : Aug. 1, 2025, 7:15 a.m. | 8 hours, 19 minutes ago
Description : The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom script parameter in all versions up to, and including, 6.3.10 even when the user does not have the unfiltered_html capability. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8437
Published : Aug. 1, 2025, 7:15 a.m. | 8 hours, 19 minutes ago
Description : A vulnerability classified as critical has been found in code-projects Kitchen Treasure 1.0. This affects an unknown part of the file /userregistration.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31716 - Cisco Bootloader Out-of-Bounds Write Denial of Service
CVE ID : CVE-2025-31716
Published : Aug. 1, 2025, 6:15 a.m. | 9 hours, 19 minutes ago
Description : In bootloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54939
Published : Aug. 1, 2025, 6:15 a.m. | 9 hours, 19 minutes ago
Description : LiteSpeed QUIC (LSQUIC) Library before 4.3.1 has an lsquic_engine_packet_in memory leak.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-5921
Published : Aug. 1, 2025, 6:15 a.m. | 9 hours, 19 minutes ago
Description : The SureForms WordPress plugin before 1.7.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against both authenticated and unauthenticated users.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8436 - Projectworlds Online Admission System SQL Injection Vulnerability
CVE ID : CVE-2025-8436
Published : Aug. 1, 2025, 6:15 a.m. | 9 hours, 19 minutes ago
Description : A vulnerability was found in projectworlds Online Admission System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /viewdoc.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8454
Published : Aug. 1, 2025, 6:15 a.m. | 9 hours, 19 minutes ago
Description : It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts (a collection of scripts to make the life of a Debian Package maintainer easier), skips OpenPGP verification if the upstream source is already downloaded from a previous run even if the verification failed back then.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8435
Published : Aug. 1, 2025, 5:15 a.m. | 10 hours, 14 minutes ago
Description : A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin-control.php. The manipulation of the argument ID leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7725
Published : Aug. 1, 2025, 5:15 a.m. | 8 hours, 56 minutes ago
Description : The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal or Stripe, Social Share Buttons, OpenAI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the comment feature in all versions up to, and including, 26.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7845
Published : Aug. 1, 2025, 5:15 a.m. | 8 hours, 56 minutes ago
Description : The Stratum – Elementor Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Advanced Google Maps and Image Hotspot widgets in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-4523 - IDonate WordPress Plugin Unauthorized Data Access Vulnerability
CVE ID : CVE-2025-4523
Published : Aug. 1, 2025, 5:15 a.m. | 7 hours, 50 minutes ago
Description : The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the admin_donor_profile_view() function in versions 2.0.0 to 2.1.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to expose an administrator’s username, email address, and all donor fields.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-7443
Published : Aug. 1, 2025, 5:15 a.m. | 7 hours, 50 minutes ago
Description : The BerqWP – Automated All-In-One Page Speed Optimization for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the store_javascript_cache.php file in all versions up to, and including, 2.2.42. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity: 8.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54846 - Apache HTTP Server HTTP Request Smuggling
CVE ID : CVE-2025-54846
Published : Aug. 1, 2025, 4:16 a.m. | 8 hours, 49 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54847 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-54847
Published : Aug. 1, 2025, 4:16 a.m. | 8 hours, 49 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5947 - WordPress Service Finder Bookings Privilege Escalation
CVE ID : CVE-2025-5947
Published : Aug. 1, 2025, 4:16 a.m. | 8 hours, 49 minutes ago
Description : The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via authentication bypass in all versions up to, and including, 6.0. This is due to the plugin not properly validating a user's cookie value prior to logging them in through the service_finder_switch_back() function. This makes it possible for unauthenticated attackers to login as any user including admins.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8433 - Dell Document Management System Path Traversal Vulnerability
CVE ID : CVE-2025-8433
Published : Aug. 1, 2025, 4:16 a.m. | 8 hours, 49 minutes ago
Description : A vulnerability was found in code-projects Document Management System 1.0 and classified as critical. This issue affects the function unlink of the file /dell.php. The manipulation of the argument ID leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8434
Published : Aug. 1, 2025, 4:16 a.m. | 8 hours, 49 minutes ago
Description : A vulnerability was found in code-projects Online Movie Streaming 1.0. It has been classified as critical. Affected is an unknown function of the file /admin.php. The manipulation of the argument ID leads to missing authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54844
Published : Aug. 1, 2025, 4:16 a.m. | 8 hours, 13 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54845
Published : Aug. 1, 2025, 4:16 a.m. | 8 hours, 13 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54842 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-54842
Published : Aug. 1, 2025, 4:16 a.m. | 4 hours, 49 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54843 - Fortinet DNS Server Insufficient Input Validation
CVE ID : CVE-2025-54843
Published : Aug. 1, 2025, 4:16 a.m. | 4 hours, 49 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2019-19145 - Quantum SuperLoader 3 Password Brute Force
CVE ID : CVE-2019-19145
Published : Aug. 1, 2025, 4:16 a.m. | 2 hours, 49 minutes ago
Description : Quantum SuperLoader 3 V94.0 005E.0h devices allow attackers to access the hardcoded fa account because there are only 65536 possible passwords.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-53399 - Sipwise RTPengine RTP Stream Injection and Interception Vulnerability
CVE ID : CVE-2025-53399
Published : Aug. 1, 2025, 4:16 a.m. | 2 hours, 49 minutes ago
Description : In Sipwise rtpengine before 13.4.1.1, an origin-validation error in the endpoint-learning logic of the media-relay core allows remote attackers to inject or intercept RTP/SRTP media streams via RTP packets (except when the relay is configured for strict source and learning disabled). Version 13.4.1.1 fixes the heuristic mode by limiting exposure to the first five packets, and introduces a recrypt flag that fully prevents SRTP attacks when both mitigations are enabled.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54657
Published : Aug. 1, 2025, 4:16 a.m. | 2 hours, 49 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54839 - Apache HTTP Server Cross-Site Request Forgery
CVE ID : CVE-2025-54839
Published : Aug. 1, 2025, 4:16 a.m. | 2 hours, 49 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54840 - Apache HTTP Server Denial of Service
CVE ID : CVE-2025-54840
Published : Aug. 1, 2025, 4:16 a.m. | 2 hours, 49 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54841
Published : Aug. 1, 2025, 4:16 a.m. | 2 hours, 49 minutes ago
Description : Rejected reason: Not used
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-5954 - WordPress Service Finder SMS System Plugin Unauthenticated Administrator Account Takeover Vulnerability
CVE ID : CVE-2025-5954
Published : Aug. 1, 2025, 3:15 a.m. | 3 hours, 11 minutes ago
Description : The Service Finder SMS System plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.0.0. This is due to the plugin not restricting user role selection at the time of registration through the aonesms_fn_savedata_after_signup() function. This makes it possible for unauthenticated attackers to register as an administrator user.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8431 - PHPGurukul Boat Booking System SQL Injection Vulnerability
CVE ID : CVE-2025-8431
Published : Aug. 1, 2025, 2:15 a.m. | 4 hours, 11 minutes ago
Description : A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/add-boat.php. The manipulation of the argument boatname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-48071 - OpenEXR ZIPS-packed Deep Scan-Line Heap Buffer Overflow
CVE ID : CVE-2025-48071
Published : July 31, 2025, 9:15 p.m. | 9 hours, 11 minutes ago
Description : OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.2 through 3.3.0, there is a heap-based buffer overflow during a write operation when decompressing ZIPS-packed deep scan-line EXR files with a maliciously forged chunk header. This is fixed in version 3.3.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48072
Published : July 31, 2025, 9:15 p.m. | 9 hours, 11 minutes ago
Description : OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Version 3.3.2 is vulnerable to a heap-based buffer overflow during a read operation due to bad pointer math when decompressing DWAA-packed scan-line EXR files with a maliciously forged chunk. This is fixed in version 3.3.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-48073
Published : July 31, 2025, 9:15 p.m. | 9 hours, 11 minutes ago
Description : OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, when reading a deep scanline image with a large sample count in reduceMemory mode, it is possible to crash a target application with a NULL pointer dereference in a write operation. This is fixed in version 3.3.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-32251 - Linux Kernel ksmbd Dictionary Attack Bypass
CVE ID : CVE-2023-32251
Published : July 31, 2025, 9:15 p.m. | 7 hours, 50 minutes ago
Description : A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the intended anti-brute-force protection, potentially allowing attackers to conduct dictionary attacks more efficiently against user credentials or other authentication mechanisms.
Severity: 3.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-23289 - NVIDIA Omniverse Launcher Information Disclosure Vulnerability
CVE ID : CVE-2025-23289
Published : July 31, 2025, 9:15 p.m. | 7 hours, 50 minutes ago
Description : NVIDIA Omniverse Launcher for Windows and Linux contains a vulnerability in the launcher logs, where a user could cause sensitive information to be written to the log files through proxy servers. A successful exploit of this vulnerability might lead to information disclosure.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-45768
Published : July 31, 2025, 9:15 p.m. | 7 hours, 50 minutes ago
Description : pyjwt v2.10.1 was discovered to contain weak encryption.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50572
Published : July 31, 2025, 8:15 p.m. | 8 hours, 49 minutes ago
Description : An issue was discovered in Archer Technology RSA Archer 6.11.00204.10014 allowing attackers to execute arbitrary code via crafted system inputs that would be exported into the CSV and be executed after the user opened the file with compatible applications.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8286 - Güralp FMUS series Telnet Command Injection Vulnerability
CVE ID : CVE-2025-8286
Published : July 31, 2025, 8:15 p.m. | 8 hours, 49 minutes ago
Description : Güralp FMUS series seismic monitoring devices expose an unauthenticated Telnet-based command line interface that
could allow an attacker to modify hardware configurations, manipulate
data, or factory reset the device.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-37108 - "HPE Telco Service Activator Cross-Site Scripting Vulnerability"
CVE ID : CVE-2025-37108
Published : July 31, 2025, 8:15 p.m. | 6 hours, 50 minutes ago
Description : Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-37109 - HPE Telco Service Activator Cross-Site Scripting Vulnerability
CVE ID : CVE-2025-37109
Published : July 31, 2025, 8:15 p.m. | 6 hours, 50 minutes ago
Description : Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-37110 - HPE Telco Network Function Virtual Orchestrator Information Disclosure
CVE ID : CVE-2025-37110
Published : July 31, 2025, 8:15 p.m. | 6 hours, 50 minutes ago
Description : A vulnerability was discovered in the storage policy for certain sets of sensitive credential information in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-37111 - HPE Telco Network Function Virtual Orchestrator Authentication Key Storage Policy Information Disclosure
CVE ID : CVE-2025-37111
Published : July 31, 2025, 8:15 p.m. | 6 hours, 50 minutes ago
Description : A vulnerability was discovered in the storage policy for certain sets of authentication keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-37112 - HPE Telco Network Function Virtual Orchestrator Key Storage Policy Information Disclosure
CVE ID : CVE-2025-37112
Published : July 31, 2025, 8:15 p.m. | 6 hours, 50 minutes ago
Description : A vulnerability was discovered in the storage policy for certain sets of encryption keys in the HPE Telco Network Function Virtual Orchestrator. Successful Exploitation could lead to unauthorized parties gaining access to sensitive system information.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-45769
Published : July 31, 2025, 8:15 p.m. | 6 hours, 50 minutes ago
Description : php-jwt v6.11.0 was discovered to contain weak encryption.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-45770
Published : July 31, 2025, 8:15 p.m. | 6 hours, 50 minutes ago
Description : jwt v5.4.3 was discovered to contain weak encryption.
Severity: 7.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-26062 - Intelbras RX1500/3000 Unauthenticated Access to Settings File
CVE ID : CVE-2025-26062
Published : July 31, 2025, 7:15 p.m. | 7 hours, 50 minutes ago
Description : An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file and obtain potentially sensitive information from the current settings.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-26063
Published : July 31, 2025, 7:15 p.m. | 7 hours, 50 minutes ago
Description : An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to execute arbitrary code via injecting a crafted payload into the ESSID name when creating a network.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-26064
Published : July 31, 2025, 7:15 p.m. | 7 hours, 50 minutes ago
Description : A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a connnected device.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51385
Published : July 31, 2025, 6:15 p.m. | 8 hours, 49 minutes ago
Description : D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the yyxz_dlink_asp function via the id parameter.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51503
Published : July 31, 2025, 6:15 p.m. | 8 hours, 49 minutes ago
Description : A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2.0 allows attackers to inject malicious scripts into user profile fields, leading to arbitrary JavaScript execution in admin browsers.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54832
Published : July 31, 2025, 6:15 p.m. | 8 hours, 49 minutes ago
Description : OPEXUS FOIAXpress Public Access Link (PAL), version v11.1.0, allows an authenticated user to add entries to the list of states and territories.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54833 - OPEXUS FOIAXpress Bypass Account-Lockout and CAPTCHA Protection Vulnerability
CVE ID : CVE-2025-54833
Published : July 31, 2025, 6:15 p.m. | 8 hours, 49 minutes ago
Description : OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows attackers to bypass account-lockout and CAPTCHA protections. Unauthenticated remote attackers can more easily brute force passwords.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-54834 - OPEXUS FOIAXpress Information Disclosure Vulnerability
CVE ID : CVE-2025-54834
Published : July 31, 2025, 6:15 p.m. | 8 hours, 49 minutes ago
Description : OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows an unauthenticated, remote attacker to query the /App/CreateRequest.aspx endpoint to check for the existence of valid usernames. There are no rate-limiting mechanisms in place.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-8426 - Marvell QConvergeConsole Directory Traversal and Information Disclosure/DoS
CVE ID : CVE-2025-8426
Published : July 31, 2025, 6:15 p.m. | 8 hours, 49 minutes ago
Description : Marvell QConvergeConsole compressConfigFiles Directory Traversal Information Disclosure and Denial-of-Service Vulnerability. This vulnerability allows remote attackers to disclose sensitive information or to create a denial-of-service condition on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the implementation of the compressConfigFiles method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose sensitive information or to create a denial-of-service condition on the system. Was ZDI-CAN-24915.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51384
Published : July 31, 2025, 6:15 p.m. | 6 hours, 49 minutes ago
Description : D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51383
Published : July 31, 2025, 6:15 p.m. | 2 hours, 49 minutes ago
Description : D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the host_ip parameter.
Severity: 3.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-34327
Published : July 31, 2025, 5:15 p.m. | 3 hours, 49 minutes ago
Description : Sielox AnyWare v2.1.2 was discovered to contain a SQL injection vulnerability via the email address field of the password reset form.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50866
Published : July 31, 2025, 5:15 p.m. | 3 hours, 49 minutes ago
Description : CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripting (XSS) vulnerability in the email parameter of the postquerypublic endpoint. Improper sanitization allows an attacker to inject arbitrary JavaScript code that executes in the context of the user s browser, potentially leading to session hijacking or phishing attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50867
Published : July 31, 2025, 4:15 p.m. | 4 hours, 49 minutes ago
Description : A SQL Injection vulnerability exists in the takeassessment2.php endpoint of the CloudClassroom-PHP-Project 1.0, where the Q5 POST parameter is directly embedded in SQL statements without sanitization.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-52203
Published : July 31, 2025, 4:15 p.m. | 4 hours, 49 minutes ago
Description : A stored cross-site scripting (XSS) vulnerability exists in DevaslanPHP project-management v1.2.4. The vulnerability resides in the Ticket Name field, which fails to properly sanitize user-supplied input. An authenticated attacker can inject malicious JavaScript payloads into this field, which are subsequently stored in the database. When a legitimate user logs in and is redirected to the Dashboard panel "automatically upon authentication the malicious script executes in the user's browser context.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8409
Published : July 31, 2025, 4:15 p.m. | 4 hours, 49 minutes ago
Description : A vulnerability has been found in code-projects Vehicle Management 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /filter.php. The manipulation of the argument from leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-29556 - ExaGrid EX10 Incorrect Access Control Bypass
CVE ID : CVE-2025-29556
Published : July 31, 2025, 4:15 p.m. | 3 hours, 10 minutes ago
Description : ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control. Since version 6.3, ExaGrid enforces restrictions preventing users with the Admin role from creating or modifying users with the Security Officer role without approval. However, a flaw in the account creation process allows an attacker to bypass these restrictions via API request manipulation. An attacker with an Admin access can intercept and modify the API request during user creation, altering the parameters to assign the new account to the ExaGrid Security Officers group without the required approval.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-46809 - SUSE Multi Linux Manager HTTP Proxy Credentials Disclosure
CVE ID : CVE-2025-46809
Published : July 31, 2025, 4:15 p.m. | 3 hours, 10 minutes ago
Description : A Insertion of Sensitive Information into Log File vulnerability in SUSE Multi Linux Manager exposes the HTTP proxy credentials. This issue affects Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.27-150600.3.33.1; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.87-150400.3.110.2; SUSE Manager Server Module 4.3: from ? before 4.3.87-150400.3.110.2.
Severity: 5.7 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50847 - CS Cart CSRF Add Product to Comparison List
CVE ID : CVE-2025-50847
Published : July 31, 2025, 4:15 p.m. | 3 hours, 10 minutes ago
Description : Cross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3, allows attackers to add products to a user's comparison list via a crafted HTTP request.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50848
Published : July 31, 2025, 4:15 p.m. | 3 hours, 10 minutes ago
Description : A file upload vulnerability was discovered in CS Cart 4.18.3, allows attackers to execute arbitrary code. CS Cart 4.18.3 allows unrestricted upload of HTML files, which are rendered directly in the browser when accessed. This allows an attacker to upload a crafted HTML file containing malicious content, such as a fake login form for credential harvesting or scripts for Cross-Site Scripting (XSS) attacks. Since the content is served from a trusted domain, it significantly increases the likelihood of successful phishing or script execution against other users.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50850
Published : July 31, 2025, 4:15 p.m. | 3 hours, 10 minutes ago
Description : An issue was discovered in CS Cart 4.18.3 allows the vendor login functionality lacks essential security controls such as CAPTCHA verification and rate limiting. This allows an attacker to systematically attempt various combinations of usernames and passwords (brute-force attack) to gain unauthorized access to vendor accounts. The absence of any blocking mechanism makes the login endpoint susceptible to automated attacks.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-34146
Published : July 31, 2025, 3:15 p.m. | 4 hours, 10 minutes ago
Description : A prototype pollution vulnerability exists in @nyariv/sandboxjs versions <= 0.8.23, allowing attackers to inject arbitrary properties into Object.prototype via crafted JavaScript code. This can result in a denial-of-service (DoS) condition or, under certain conditions, escape the sandboxed environment intended to restrict code execution. The vulnerability stems from insufficient prototype access checks in the sandbox’s executor logic, particularly in the handling of JavaScript function objects returned.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50270
Published : July 31, 2025, 3:15 p.m. | 4 hours, 10 minutes ago
Description : A stored Cross Site Scripting (xss) vulnerability in the "content management" feature in AnQiCMS v.3.4.11 allows a remote attacker to execute arbitrary code via a crafted script to the title, categoryTitle, and tmpTag parameters.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-50475 - Russound MBX-PRE-D67F OS Command Injection Vulnerability
CVE ID : CVE-2025-50475
Published : July 31, 2025, 3:15 p.m. | 4 hours, 10 minutes ago
Description : An OS command injection vulnerability exists in Russound MBX-PRE-D67F firmware version 3.1.6, allowing unauthenticated attackers to execute arbitrary commands as root via crafted input to the hostname parameter in network configuration requests. This vulnerability stems from improper neutralization of special elements used in an OS command within the network configuration handler, enabling remote code execution with the highest privileges.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-50849
Published : July 31, 2025, 3:15 p.m. | 4 hours, 10 minutes ago
Description : CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference (IDOR). The user profile functionality allows enabling or disabling stickers through a parameter (company_id) sent in the request. However, this operation is not properly validated on the server side. An authenticated user can manipulate the request to target other users' accounts and toggle the sticker setting by modifying the company_id or other object identifiers.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-51569
Published : July 31, 2025, 3:15 p.m. | 4 hours, 10 minutes ago
Description : A cross-site scripting (XSS) vulnerability exists in the LB-Link BL-CPE300M 01.01.02P42U14_06 router's web interface. The /goform/goform_get_cmd_process endpoint fails to sanitize user input in the cmd parameter before reflecting it into a text/html response. This allows unauthenticated attackers to inject arbitrary JavaScript, which is executed in the context of the router's origin when the crafted URL is accessed. The issue requires user interaction to exploit.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-52289 - MagnusBilling Broken Access Control Vulnerability
CVE ID : CVE-2025-52289
Published : July 31, 2025, 3:15 p.m. | 4 hours, 10 minutes ago
Description : A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by sending a crafted request to /mbilling/index.php/user/save to set their account status fom "pending" to "active" without requiring administrator approval.
Severity: 8.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-8408
Published : July 31, 2025, 3:15 p.m. | 4 hours, 10 minutes ago
Description : A vulnerability, which was classified as critical, was found in code-projects Vehicle Management 1.0. Affected is an unknown function of the file /filter1.php. The manipulation of the argument vehicle leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2014-125121
Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago
Description : Array Networks vAPV (version 8.3.2.17) and vxAG (version 9.2.0.34) appliances are affected by a privilege escalation vulnerability caused by a combination of hardcoded SSH credentials (or SSH private key) and insecure permissions on a startup script. The devices ship with a default SSH login or a hardcoded DSA private key, allowing an attacker to authenticate remotely with limited privileges.
Once authenticated, an attacker can overwrite the world-writable /ca/bin/monitor.sh script with arbitrary commands. Since this script is executed with elevated privileges through the backend binary, enabling the debug monitor via backend -c "debug monitor on" triggers execution of the attacker's payload as root. This allows full system compromise.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2014-125122
Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago
Description : A stack-based buffer overflow vulnerability exists in the tmUnblock.cgi endpoint of the Linksys WRT120N wireless router. The vulnerability is triggered by sending a specially crafted HTTP POST request with an overly long TM_Block_URL parameter to the endpoint. By exploiting this flaw, an unauthenticated remote attacker can overwrite memory in a controlled manner, enabling them to temporarily reset the administrator password of the device to a blank value. This grants unauthorized access to the router’s web management interface without requiring valid credentials.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2014-125123
Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago
Description : An unauthenticated SQL injection vulnerability exists in the Kloxo web hosting control panel (developed by LXCenter) prior to version 6.1.12. The flaw resides in the login-name parameter passed to lbin/webcommand.php, which fails to properly sanitize input, allowing an attacker to extract the administrator’s password from the backend database. After recovering valid credentials, the attacker can authenticate to the Kloxo control panel and leverage the Command Center feature (display.php) to execute arbitrary operating system commands as root on the underlying host system. This vulnerability was reported to be exploited in the wild in January 2014.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2014-125124
Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago
Description : An unauthenticated remote command execution vulnerability exists in Pandora FMS versions up to and including 5.0RC1 via the Anyterm web interface, which listens on TCP port 8023. The anyterm-module endpoint accepts unsanitized user input via the p parameter and directly injects it into a shell command, allowing arbitrary command execution as the pandora user. In certain versions (notably 4.1 and 5.0RC1), the pandora user can elevate privileges to root without a password using a chain involving the artica user account. This account is typically installed without a password and is configured to run sudo without authentication. Therefore, full system compromise is possible without any credentials.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2014-125125
Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago
Description : A path traversal vulnerability exists in A10 Networks AX Loadbalancer versions 2.6.1-GR1-P5, 2.7.0, and earlier. The vulnerability resides in the handling of the filename parameter in the /xml/downloads endpoint, which fails to properly sanitize user input. An unauthenticated attacker can exploit this flaw by sending crafted HTTP requests containing directory traversal sequences to read arbitrary files outside the intended directory. The files returned by the vulnerable endpoint are deleted from the system after retrieval. This can lead to unauthorized disclosure of sensitive information such as SSL certificates and private keys, as well as unintended file deletion.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2014-125126
Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago
Description : An unrestricted file upload vulnerability exists in Simple E-Document versions 3.0 to 3.1 that allows an unauthenticated attacker to bypass authentication by sending a specific cookie header (access=3) with HTTP requests. The application’s upload mechanism fails to restrict file types and does not validate or sanitize user-supplied input, allowing attackers to upload malicious .php scripts. Authentication can be bypassed entirely by supplying a specially crafted cookie (access=3), granting access to the upload functionality without valid credentials. If file uploads are enabled on the server, the attacker can upload a web shell and gain remote code execution with the privileges of the web server user, potentially leading to full system compromise.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-34328 - Sielox AnyWare Open Redirect Vulnerability
CVE ID : CVE-2024-34328
Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago
Description : An open redirect in Sielox AnyWare v2.1.2 allows attackers to execute a man-in-the-middle attack via a crafted URL.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-29557
Published : July 31, 2025, 3:15 p.m. | 2 hours, 44 minutes ago
Description : ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control in the MailConfiguration API endpoint, where users with operator-level privileges can issue an HTTP request to retrieve SMTP credentials, including plaintext passwords.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10042
Published : July 31, 2025, 3:15 p.m. | 2 hours, 12 minutes ago
Description : A stack-based buffer overflow vulnerability exists in freeFTPd version 1.0.10 and earlier in the handling of the FTP PASS command. When an attacker sends a specially crafted password string, the application fails to validate input length, resulting in memory corruption. This can lead to denial of service or arbitrary code execution. Exploitation requires the anonymous user account to be enabled.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10043 - OAstium VoIP PBX Remote Code Execution Vulnerability
CVE ID : CVE-2013-10043
Published : July 31, 2025, 3:15 p.m. | 2 hours, 12 minutes ago
Description : A vulnerability exists in OAstium VoIP PBX astium-confweb-2.1-25399 and earlier, where improper input validation in the logon.php script allows an attacker to bypass authentication via SQL injection. Once authenticated as an administrator, the attacker can upload arbitrary PHP code through the importcompany field in import.php, resulting in remote code execution. The malicious payload is injected into /usr/local/astium/web/php/config.php and executed with root privileges by triggering a configuration reload via sudo /sbin/service astcfgd reload. Successful exploitation leads to full system compromise.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10033
Published : July 31, 2025, 3:15 p.m. | 43 minutes ago
Description : An unauthenticated SQL injection vulnerability exists in Kimai version 0.9.2.x via the db_restore.php endpoint. The flaw allows attackers to inject arbitrary SQL queries into the dates[] POST parameter, enabling file write via INTO OUTFILE under specific environmental conditions. This can lead to remote code execution by writing a PHP payload to the web-accessible temporary directory. The vulnerability has been confirmed in versions including 0.9.2.beta, 0.9.2.1294.beta, and 0.9.2.1306-3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10034
Published : July 31, 2025, 3:15 p.m. | 43 minutes ago
Description : An unrestricted file upload vulnerability exists in Kaseya KServer versions prior to 6.3.0.2. The uploadImage.asp endpoint allows unauthenticated users to upload files to arbitrary paths via a crafted filename parameter in a multipart/form-data POST request. Due to the lack of authentication and input sanitation, an attacker can upload a file with an .asp extension to a web-accessible directory, which can then be invoked to execute arbitrary code with the privileges of the IUSR account. The vulnerability enables remote code execution without prior authentication and was resolved in version 6.3.0.2 by removing the vulnerable uploadImage.asp endpoint.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10035
Published : July 31, 2025, 3:15 p.m. | 43 minutes ago
Description : A code injection vulnerability exists in ProcessMaker Open Source versions 2.x when using the default 'neoclassic' skin. An authenticated user can execute arbitrary PHP code via multiple endpoints, including appFolderAjax.php, casesStartPage_Ajax.php, and cases_SchedulerGetPlugins.php, by supplying crafted POST requests to parameters such as action and params. These endpoints fail to validate user input and directly invoke PHP functions like system() with user-supplied parameters, enabling remote code execution. The vulnerability affects both Linux and Windows installations and is present in default configurations of versions including 2.0.23 through 2.5.1. The vulnerable skin cannot be removed through the web interface, and exploitation requires only valid user credentials.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10036
Published : July 31, 2025, 3:15 p.m. | 43 minutes ago
Description : A stack-based buffer overflow vulnerability exists in Beetel Connection Manager version PCW_BTLINDV1.0.0B04 when parsing the UserName parameter in the NetConfig.ini configuration file. A crafted .ini file containing an overly long UserName value can overwrite the Structured Exception Handler (SEH), leading to arbitrary code execution when the application processes the file.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2013-10037 - WebTester OS Command Injection Vulnerability
CVE ID : CVE-2013-10037
Published : July 31, 2025, 3:15 p.m. | 43 minutes ago
Description : An OS command injection vulnerability exists in WebTester version 5.x via the install2.php installation script. The parameters cpusername, cppassword, and cpdomain are passed directly to shell commands without sanitization. A remote unauthenticated attacker can exploit this flaw by sending a crafted HTTP POST request, resulting in arbitrary command execution on the underlying system with web server privileges.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10038
Published : July 31, 2025, 3:15 p.m. | 43 minutes ago
Description : An unauthenticated arbitrary file upload vulnerability exists in FlashChat versions 6.0.2 and 6.0.4 through 6.0.8. The upload.php endpoint fails to properly validate file types and authentication, allowing attackers to upload malicious PHP scripts. Once uploaded, these scripts can be executed remotely, resulting in arbitrary code execution as the web server user.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10039
Published : July 31, 2025, 3:15 p.m. | 43 minutes ago
Description : A command injection vulnerability exists in GestioIP 3.0 commit ac67be and earlier in ip_checkhost.cgi. Crafted input to the 'ip' parameter allows attackers to execute arbitrary shell commands on the server via embedded base64-encoded payloads. Authentication may be required depending on deployment configuration.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2013-10040
Published : July 31, 2025, 3:15 p.m. | 43 minutes ago
Description : ClipBucket version 2.6 and earlier contains a critical vulnerability in the ofc_upload_image.php script located at /admin_area/charts/ofc-library/. This endpoint allows unauthenticated users to upload arbitrary files, including executable PHP scripts. Once uploaded, the attacker can access the file via a predictable path and trigger remote code execution.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-54589
Published : July 31, 2025, 2:15 p.m. | 49 minutes ago
Description : Copyparty is a portable file server. In versions 1.18.6 and below, when accessing the recent uploads page at `/?ru`, users can filter the results using an input field at the top. This field appends a filter parameter to the URL, which reflects its value directly into a `